Common Crypto Scams and How to Avoid Them (2026)
[object Object]
Crypto scams are not one problem.
Some scams try to steal your recovery phrase. Some try to trick you into approving wallet access. Some do not need either one because they just want you to send coins to the wrong address under pressure.
The fastest way to lose money is treating every scam like generic "phishing." The safer move is to identify what the attacker wants from you right now and stop that specific action.
Short answer
If anything asks you to move funds urgently, reveal a seed phrase, install a wallet from a random link, approve a transaction you do not understand, or trust an address copied from history, stop.
| If the scam tries to get you to... | Treat it as | Read next |
|---|---|---|
| Enter your seed phrase into a website or app | A wallet-theft attempt | Fake crypto wallet apps |
| Move funds because "support" called or messaged you | A support-impersonation scam | Crypto support call scam |
| Sign an approval, permit, or wallet prompt you do not fully understand | An approval / wallet-drainer risk | Wallet approval scams |
| Copy an address from old transaction history | An address-poisoning risk | Address poisoning scams |
| Trust a pasted address on an infected device | A clipboard-malware risk | Clipboard hijacking in crypto |
| Rely on SMS-only exchange security | An account-takeover risk | SIM swap attacks on exchange accounts |
The six scam patterns that matter most
1. Seed-phrase theft and fake wallet apps
This is still the fastest catastrophic mistake.
A fake wallet app, fake support page, fake recovery tool, or fake airdrop page asks for your seed phrase first. If you give it away, the attacker usually does not need anything else.
Common versions include:
- a fake Ledger, Trezor, MetaMask, or Tangem-style app found through ads or random blog links;
- a website that says your wallet needs "verification" or "recovery";
- a page that tells you to import the phrase to fix a transaction problem;
- a scammer who gives you a seed phrase for a "safe wallet" they actually control.
The rule is simple: a recovery phrase belongs only in your own deliberate wallet-recovery flow, using the real product you already verified.
If you want the exact checklist, read fake crypto wallet apps and how to avoid them and seed phrase mistakes that cost people money.
2. Support impersonation and panic scams
These scams work because they create urgency before you verify anything.
The message may claim:
- your Coinbase or Kraken account was accessed;
- your wallet needs to be "secured" immediately;
- a withdrawal is pending;
- support needs you to move funds to a safe wallet;
- a technician needs remote access to help you recover the account.
Real support does not need your seed phrase, does not need you to move funds to a caller-provided wallet, and does not need remote access to prove ownership.
If the pressure starts with a call, SMS, or direct message, stop and switch to the official app or site you opened yourself. Then follow the real security flow from there.
For the full playbook, read crypto support call scam.
3. Approval scams and wallet drainers
Not every theft starts with a transfer. Some start when you approve access.
This usually happens on a fake mint page, fake airdrop page, fake staking tool, or cloned DeFi interface. The site asks you to connect your wallet and sign or approve something technical-looking. Later, the attacker uses that approval to drain tokens.
This is why "I did not send anything" is not always a defense.
If you cannot explain what the wallet prompt is doing, do not sign it. If you want to experiment, do it from a smaller separate wallet, not the same wallet that holds your long-term savings.
For the detailed version, read wallet approval scams and dangerous permissions and blind signing on hardware wallets.
4. Address poisoning and fake transaction-history shortcuts
Address poisoning does not usually hack the wallet.
Instead, the attacker sends a tiny transaction or fake token movement so a lookalike address appears in your wallet history. Later, you copy that familiar-looking address and send funds to the attacker.
This catches people who:
- reuse old history as an address book;
- check only the first and last few characters;
- rush exchange withdrawals or self-custody transfers.
The habit fix is boring but effective: start from the receiving wallet or saved allowlist entry, not from old transaction history.
For the full guide, read address poisoning scams.
5. Clipboard hijacking and device malware
Clipboard malware changes the address you copied before you paste it.
This is different from address poisoning. The problem is not old history. The problem is that the computer or phone may be lying to you in real time.
That is why hardware-wallet users should care about trusted-screen verification. Ledger and Trezor are most useful here when you actually compare the destination address on the device before you sign.
If you suspect a pasted address changed, stop treating it like a harmless glitch. Read clipboard hijacking in crypto.
6. Exchange-account takeover and SIM-swap risk
Some scams target the account before the wallet.
If your exchange account still depends on weak email recovery or SMS-only 2FA, an attacker may not need a wallet exploit at all. They just need to reset access, pass a code challenge, and withdraw before you notice.
The highest-value fixes are:
- replace SMS-only 2FA with a passkey, security key, or authenticator app;
- secure the email account behind the exchange;
- enable withdrawal allowlisting before you need it;
- move long-term holdings off the exchange once the buy is done.
Read crypto exchange account security checklist and SIM swap attacks on crypto exchange accounts.
Which scam matches what just happened?
| What happened | Most likely risk | Safest immediate response |
|---|---|---|
| A site asked for your recovery phrase | Seed-phrase theft | Stop immediately. If you already entered it, move funds to a new wallet you create yourself. |
| "Support" contacted you first and told you to move funds | Support impersonation | End the interaction and verify from the official app or website only. |
| A wallet prompt appears after connecting to a mint, airdrop, bridge, or staking page | Approval scam | Reject the prompt unless you fully understand the action and trust the site independently. |
| A tiny surprise token or transaction appears in wallet history | Address poisoning or dusting | Ignore it and never use it as your source for a destination address. |
| The pasted address changes or a wallet warns about mismatch | Clipboard malware | Cancel the transfer and stop using that device for large sends until it is checked. |
| Your phone loses service and exchange logins start acting strangely | SIM swap / account takeover | Contact the carrier, lock the exchange if possible, secure email, and review sessions and withdrawals. |
The best habits that prevent expensive losses
1. Keep storage and experimentation separate
Do not use one wallet for everything.
A separate long-term wallet plus a smaller "testing" wallet reduces the damage from one bad signature, fake mint, or rushed connection.
2. Treat urgency as a red flag
Attackers want speed.
Anything that says "now or never," "protect funds immediately," or "approve before the timer ends" deserves slower verification, not faster action.
3. Verify addresses from the receiving side
Do not trust history, old notes, or random screenshots.
Open the receiving wallet or exchange deposit page fresh. For Ledger or Trezor, compare the full address on the trusted device screen before you confirm.
If you are moving coins from an exchange into self-custody, use how to move crypto from an exchange to a hardware wallet safely.
4. Harden exchange accounts before they hold real money
A lot of users think about security only after buying crypto.
That is late. Set stronger login protection, backup recovery methods, and withdrawal controls before you leave meaningful funds on an exchange.
5. Protect the recovery phrase from both theft and convenience mistakes
The seed phrase should not live in cloud notes, screenshots, forwarded emails, or random app imports.
If you hold meaningful funds long term, also review paper vs metal seed phrase backup and should you use a passphrase on your hardware wallet.
When a hardware wallet helps, and when it does not
A hardware wallet helps most when the threat is:
- malware on the computer or phone;
- unsafe hot-wallet habits;
- long-term storage of meaningful balances;
- transaction signing on a trusted screen.
A hardware wallet does not fix:
- typing the seed phrase into a fake site;
- calling a scammer back;
- approving a malicious transaction you did not understand;
- sending funds to the wrong address because you rushed.
If you are still choosing a wallet, start with best hardware wallet for beginners, best wallet for long-term Bitcoin holding, and Tangem vs Ledger.
How we checked this guide
We reviewed official Coinbase security and consumer-protection guidance, Kraken support guidance on scams and account security, Ledger support material on clipboard hijacking and transaction verification, and Trezor scam/phishing guidance. We also aligned this overview with the site's newer detailed guides on support impersonation, wallet approvals, address poisoning, clipboard malware, and exchange-account takeover so readers can move from the broad pattern to the exact scam playbook they need.
Bottom line
Most crypto scams win by making you do one wrong thing under pressure: reveal the phrase, trust the caller, approve the prompt, or send to the wrong address.
Slow the action down, identify what the attacker wants, and use the specific defense that matches the pattern. That is how you stop turning a scary message or wallet prompt into a permanent loss.