What is a crypto scam?
A crypto scam is a fraudulent scheme that uses cryptocurrency as either the payment mechanism, the investment vehicle, or the lure to steal money or sensitive information from victims. Crypto scams range from elaborate long-duration investment frauds built on fabricated trading platforms to rapid phishing attacks designed to steal private keys or wallet credentials within minutes. What unites every type of crypto scam is the use of cryptocurrency’s perceived complexity and relative novelty to create an information gap between scammers and their targets.
Cryptocurrency scams are now one of the largest and fastest-growing categories of financial fraud globally. According to the FBI’s Internet Crime Complaint Center (IC3), reported losses from cryptocurrency investment fraud exceeded $5.6 billion in 2023 alone. Those figures represent only the cases that were reported. The actual scale is substantially higher. And despite the common belief that cryptocurrency enables anonymous crime, every crypto scam leaves a permanent trail on the blockchain. Chainalysis and law enforcement agencies have successfully traced, prosecuted, and recovered funds from scammers across every major scam category.
How do crypto scams work?
Most cryptocurrency scams follow one of two structural models: investment fraud, where the scammer persuades the victim to send cryptocurrency to a fake trading platform or fund; or theft, where the scammer gains unauthorized access to the victim’s wallet or exchange account and drains it directly.
Investment fraud relies on social engineering. Scammers build trust over time through social media, dating apps, professional networks, or unsolicited messages, then introduce a fraudulent investment opportunity that appears to generate impressive returns. The returns are fabricated. When the victim attempts to withdraw, they are told fees or taxes must be paid first. The scammer eventually disappears with all deposited funds.
Direct theft targets the credentials and private keys that give access to cryptocurrency wallets. Phishing websites impersonate legitimate exchanges or wallet providers. Malware captures keystrokes or clipboard content when a wallet address is copied. SIM swapping compromises phone-based two-factor authentication. Each attack vector leads to the same outcome: unauthorized access to a wallet, followed by an irreversible transfer to an address the scammer controls.
In both models, cryptocurrency is the preferred instrument because transactions are fast, borderless, and difficult to reverse once confirmed on the blockchain. Scammers frequently move stolen funds quickly through multiple wallets, mixing services, and exchanges in other jurisdictions to complicate recovery. But every transfer is permanently recorded. Blockchain analytics traces those movements regardless of how many hops the scammer uses.
Common types of crypto scams
Investment Scams and Pig Butchering
Investment scams are the largest category of cryptocurrency fraud by total reported losses. Pig butchering is the most sophisticated variant: scammers build a romantic or professional relationship with a victim over weeks or months, then introduce a fraudulent cryptocurrency trading platform that shows fabricated returns. Victims deposit increasingly large sums before discovering that withdrawals are blocked by demands for fees, taxes, or compliance deposits. Losses from pig butchering operations routinely reach tens of thousands to hundreds of thousands of dollars per victim. The FBI received over 69,000 complaints about cryptocurrency investment fraud in 2023.
Phishing Scams
Phishing attacks targeting cryptocurrency users impersonate legitimate exchanges, wallet providers, or DeFi platforms through fake websites, emails, and social media accounts. A victim entering credentials on a phishing site hands their login directly to the scammer. Phishing emails often contain malicious links that redirect to near-identical copies of legitimate exchange login pages. More sophisticated phishing campaigns target hardware wallet users with fake firmware updates or seed phrase recovery requests. Private keys and seed phrases obtained through phishing give scammers complete, irreversible access to the victim’s wallet.
Ponzi and Pyramid Schemes
Crypto Ponzi schemes promise guaranteed returns from investment management or trading strategies, paying early investors with later investors’ deposits rather than legitimate returns. They collapse when new deposits can no longer cover withdrawal requests. Pyramid schemes require participants to recruit others, with fees flowing upward through the network to early participants. Both structures are mathematically unsustainable. High and consistent promised returns, pressure to recruit others, and difficulty withdrawing funds are the primary red flags. Several crypto Ponzi schemes have resulted in billions of dollars in losses and criminal prosecutions.
Rug Pulls
A rug pull is a fraud specific to decentralized finance (DeFi) and token launches. Developers create a new cryptocurrency or DeFi protocol, attract investors by promoting high yields or speculative token appreciation, and then abruptly drain the liquidity pool or abandon the project after accumulating significant funds. Because token launches and DeFi protocols can be created with minimal technical overhead, rug pulls are frequent. Blockchain analytics can identify rug pull patterns through abnormal liquidity drain activity and by tracking developer wallet movements before and during the exit.
Fake ICOs and Token Fraud
Initial coin offerings (ICOs) allow projects to raise funds by selling newly created tokens to investors. Fraudulent ICOs create the appearance of a legitimate project through white papers, websites, and social media promotion, then disappear after raising funds or issue worthless tokens. Celebrity endorsements are frequently fabricated or impersonated to add legitimacy to fake ICO promotions. Investors should verify any ICO against regulatory databases (SEC EDGAR for US projects) and treat unsolicited investment opportunities with skepticism, regardless of the apparent endorsement.
Pump-and-dump Schemes
Pump-and-dump schemes involve coordinated buying of a low-value cryptocurrency to inflate its price, followed by mass selling once retail investors have been drawn in by the apparent gains. Promoters use social media platforms, Telegram groups, and influencer channels to drive purchase activity. Once the coordinated sellers exit, the price collapses and late buyers absorb the losses. Pump-and-dump activity is detectable through abnormal trading volume patterns and coordinated wallet behavior on the blockchain.
Impersonation Scams
Scammers impersonate legitimate entities including well-known cryptocurrency exchanges, government agencies, financial regulators, celebrities, and prominent figures in the cryptocurrency industry. Impersonation scams commonly appear on social media, through direct messages, or via fake customer support channels. A frequent variant involves fake exchange customer support accounts contacting users who have publicly complained about platform issues, offering to “resolve” the problem by obtaining login credentials. Government agency impersonation scams falsely claim the victim owes taxes or faces legal action unless they pay in cryptocurrency via a Bitcoin ATM.
Giveaway Scams
Giveaway scams promise to double or multiply cryptocurrency sent to a specific address, often presented as a limited-time promotion from a celebrity or major exchange. The cryptocurrency sent is never returned. Giveaway scams spread through hacked social media accounts, YouTube livestream exploits, and fabricated endorsements from well-known figures. No legitimate individual or organization asks recipients to send cryptocurrency in order to receive more back. Any such offer is a scam.
Malware and Wallet Drainers
Malware targeting cryptocurrency users includes keyloggers that capture wallet passwords, clipboard hijackers that replace copied wallet addresses with scammer-controlled addresses, and browser extensions that read private keys from web wallets. Wallet drainers are smart contract-based scripts that, when executed through a malicious transaction approval, transfer all tokens from a wallet to the scammer in a single transaction. Connecting a wallet to an unverified DeFi protocol or approving an unfamiliar transaction is sufficient for a wallet drainer to operate.
| Scam type | Primary mechanism | Key red flag |
|---|---|---|
| Investment scam / pig butchering | Fabricated trading platform; social engineering | Withdrawal blocked by fees or taxes |
| Phishing | Fake website or email capturing credentials | Unsolicited login request; URL mismatch |
| Ponzi / pyramid scheme | New deposits pay old withdrawals | Guaranteed returns; pressure to recruit |
| Rug pull | Developer drains DeFi liquidity pool | Sudden liquidity drop; developer wallets empty |
| Fake ICO | Fraudulent token sale; no real project | Unverifiable team; fabricated endorsements |
| Pump and dump | Coordinated buying then mass selling | Sudden spike in obscure token; social media hype |
| Impersonation | Fake exchange, agency, or celebrity contact | Unsolicited outreach requesting credentials or payment |
| Giveaway scam | Promise to multiply sent cryptocurrency | Any offer requiring you to send crypto to receive more |
| Malware / wallet drainer | Software captures keys or drains wallet via smart contract | Unknown extension; unexpected transaction approval request |
How to identify a crypto scam: red flags
Most crypto scams share recognizable warning signs. Knowing what to look for reduces the likelihood of becoming a victim.
- Guaranteed or unusually high returns: No legitimate investment platform guarantees returns, and cryptocurrency markets are inherently volatile. Any promise of consistent high returns, especially with no explanation of the underlying strategy, is a significant red flag.
- Pressure to act quickly: Urgency is a deliberate manipulation tactic. Scammers create artificial deadlines to prevent victims from researching the opportunity or consulting others before committing funds.
- Requests for private keys or seed phrases: No legitimate exchange, wallet provider, or support team will ever ask for your private key or seed phrase. Sharing either gives the recipient complete access to your wallet and everything in it.
- Unsolicited investment advice: Unprompted contact about cryptocurrency investment opportunities through social media, dating apps, or messaging platforms is one of the most reliable indicators of an investment scam or pig butchering operation.
- Withdrawal blocked by fees or taxes: If a platform claims funds cannot be released without first paying a fee, tax, or compliance deposit, the platform is fraudulent. Legitimate exchanges do not require payment to process withdrawals.
- Unverifiable team or project: Fraudulent ICOs and token projects frequently feature fabricated team members, plagiarized white papers, and websites with no verifiable company registration. Always check regulatory databases before investing.
- Celebrity or authority figure endorsements: Scammers routinely fabricate or impersonate endorsements from known figures. Verify any claimed endorsement through official channels before acting on it.
- Unrecognized transaction approval requests: In DeFi contexts, approving an unrecognized transaction can give a malicious contract unlimited access to your wallet. Review every approval request carefully and revoke unused approvals regularly.
How to protect yourself from crypto scams
- Use only regulated, reputable exchanges with verifiable licensing in your jurisdiction and a documented compliance program.
- Never share your private keys or seed phrase with anyone, for any reason.
- Verify URLs carefully before entering login credentials. Bookmark legitimate exchange and wallet URLs and access them only through your bookmark.
- Use hardware wallets for significant cryptocurrency holdings. Hardware wallets require physical confirmation of transactions, blocking most remote theft attempts.
- Enable strong two-factor authentication using an authenticator app rather than SMS, which is vulnerable to SIM swapping.
- Research any cryptocurrency investment independently before committing funds. Check FINRA BrokerCheck, the SEC’s EDGAR database, and your state or national securities regulator.
- Be skeptical of investment advice from anyone you have not met in person, regardless of how well you believe you know them online.
- Do not send cryptocurrency to receive more cryptocurrency back. Giveaway scams are universally fraudulent.
- For DeFi interactions, verify smart contract addresses against official project documentation and revoke unused token approvals regularly.
What to do if you have been targeted by a crypto scam
Act quickly. Speed matters for recovery. The sooner scam activity is reported, the greater the chance that law enforcement can act before funds are converted to fiat at an exchange. Do not delay reporting while attempting to recover funds independently.
- Stop all transfers immediately. Do not send additional funds regardless of what the scammer or fraudulent platform claims. Do not pay withdrawal fees, taxes, or compliance deposits.
- Preserve all evidence. Screenshot all communications, transaction records, the fraudulent platform, and any wallet addresses involved. Do not delete anything. This evidence is required for any law enforcement report.
- Report to the FBI IC3. File a complaint at ic3.gov. The Internet Crime Complaint Center is the primary federal reporting mechanism for cryptocurrency fraud and shares intelligence with the FBI, Secret Service, and partner agencies.
- Report to the FTC. File at reportfraud.ftc.gov. FTC complaints contribute to national fraud intelligence and support enforcement actions targeting scam networks.
- Contact the exchange. If funds were sent through or to a regulated cryptocurrency exchange, contact the exchange’s fraud or compliance team immediately. Exchanges may be able to flag destination accounts before funds are withdrawn.
- Consult a professional. Blockchain forensics firms can trace on-chain fund flows and, in documented cases, have supported law enforcement in recovering proceeds from crypto scammers. Full recovery is not guaranteed, but reporting quickly creates the best conditions for it.
Can crypto scammers be traced?
Yes. Despite the persistent misconception that cryptocurrency enables untraceable crime, every transaction on a public blockchain is permanently recorded and visible to anyone. Crypto scammers are regularly traced, prosecuted, and in many cases their proceeds are recovered through coordinated law enforcement action.
The tracing process works because scam proceeds must eventually reach fiat currency to be useful. That conversion almost always passes through a regulated cryptocurrency exchange with KYC records. Blockchain analytics follows the on-chain path from the victim’s wallet through any layering transactions to the exchange account where the scammer attempts to cash out. At that point, law enforcement can obtain KYC records through legal process, identify the account holder, freeze funds, and initiate prosecution.
Chainalysis has supported law enforcement in cases across every major scam category. The 2022 recovery of $3.6 billion in Bitcoin linked to the 2016 Bitfinex hack traced funds through six years of layering transactions. Colonial Pipeline ransom proceeds were partially recovered in 2021 through on-chain tracing to an exchange account. Pig butchering networks operating from Southeast Asia have been disrupted through coordinated blockchain analytics-supported enforcement operations. The blockchain’s permanent, public record is not an obstacle to investigation. It is the evidence.
How Chainalysis helps investigate and prevent crypto scams
Chainalysis provides the blockchain intelligence infrastructure that law enforcement, exchanges, and financial institutions use to detect, trace, and disrupt cryptocurrency scam operations at scale.
Chainalysis Reactor: The investigation platform used by law enforcement agencies in over 100 countries to trace crypto scam proceeds on-chain. Reactor follows funds from victim wallets through layering transactions, mixer interactions, and cross-chain transfers to the exchange accounts where scammers attempt to cash out, building prosecutable evidence packages along the way.
Chainalysis KYT (Know Your Transaction): Real-time transaction monitoring that enables cryptocurrency exchanges to detect patterns consistent with scam activity, including rapid deposit-and-transfer behavior, connections to known scam wallet clusters, and exposure to high-risk entities. KYT generates alerts for compliance review and SAR filing, keeping exchanges from processing scam proceeds without detection.
Chainalysis Alterya: Alterya provides account-level fraud detection specifically designed to identify scam-related behavior before it causes irreversible harm. By analyzing behavioral signals at the account level, Alterya surfaces scam activity that transaction-level monitoring alone may not catch, giving exchanges an earlier intervention point.
Chainalysis Address Screening: Pre-transaction risk assessment that identifies wallet addresses associated with known scam operations, darknet markets, and other illicit entities before a transaction is processed. Address Screening gives compliance teams the ability to act on scam exposure before funds settle rather than after.
Chainalysis Data Solutions (DS): Continuously updated attribution data covering scam wallet clusters, pig butchering infrastructure, and emerging fraud typologies. This intelligence layer ensures that KYT monitoring and Reactor investigations reflect the current state of the scam ecosystem rather than a static snapshot.
Frequently asked questions about crypto scams
Q: What is a crypto scam?
A: A crypto scam is a fraudulent scheme that uses cryptocurrency as the payment method, investment vehicle, or lure to steal money or credentials from victims. Common types include investment fraud built on fabricated trading platforms, phishing attacks that steal wallet credentials, Ponzi and pyramid schemes, DeFi rug pulls, and impersonation scams. Cryptocurrency scams are a major and growing category of financial fraud, with reported losses exceeding $5.6 billion in the United States alone in 2023.
Q: What is the most common crypto scam?
A: Investment fraud, including pig butchering scams, is the largest category of cryptocurrency fraud by total reported losses. These scams involve scammers building trust with victims over time through social media or messaging platforms, then introducing a fraudulent cryptocurrency trading platform that shows fabricated returns before blocking withdrawals and disappearing with deposited funds.
Q: What are the red flags of a crypto scam?
A: Key red flags include guaranteed or unusually high returns, pressure to act quickly, requests for private keys or seed phrases, unsolicited investment advice through social media or dating apps, withdrawal requests blocked by fees or taxes, unverifiable teams or projects, fabricated celebrity endorsements, and any offer that requires sending cryptocurrency to receive more back.
Q: Can a crypto scammer be traced?
A: Yes. Every cryptocurrency transaction is permanently recorded on a public blockchain, creating a forensic trail that blockchain analytics can follow. Law enforcement agencies routinely trace crypto scam proceeds from victim wallets through layering transactions to the exchange accounts where scammers attempt to convert funds to fiat. At that point, KYC records held by the exchange can identify the account holder. Chainalysis has supported law enforcement in recovering funds across every major scam category.
Q: How do I report a cryptocurrency scam?
A: Report to the FBI’s Internet Crime Complaint Center at ic3.gov and the FTC at reportfraud.ftc.gov. If funds were sent through a regulated exchange, contact that exchange’s fraud or compliance team. Preserve all evidence before reporting, including screenshots of communications, transaction records, and wallet addresses. Acting quickly improves the chances of recovery.
Q: Can I get my money back after a crypto scam?
A: Full recovery is rare but not impossible. Law enforcement has recovered crypto scam proceeds in documented cases when funds were traced to regulated exchanges before withdrawal. The most important factor is speed: the sooner a scam is reported, the more likely law enforcement can act before funds are converted to fiat and withdrawn. File a report with the FBI IC3 immediately and document everything.
Q: Is a crypto scam a federal crime?
A: Yes. Cryptocurrency scams can give rise to federal criminal charges including wire fraud, mail fraud, money laundering, and securities fraud. The FBI, Secret Service, and Department of Justice actively investigate and prosecute cryptocurrency fraud. Several operators of crypto scam networks have received significant federal prison sentences. Reporting to the FBI IC3 is the appropriate first step to triggering a federal investigation.
Crypto scams are traceable. Chainalysis makes the evidence.
Chainalysis gives law enforcement, exchanges, and financial institutions the tools to detect, trace, and investigate cryptocurrency scams across every major blockchain network.
Request a Demo. See how Chainalysis supports crypto scam investigations and exchange fraud prevention.
Read the 2026 Crypto Crime Report
Explore Chainalysis Reactor for scam investigations
Learn how Chainalysis Alterya detects scam activity at the account level