Web3 Foundations · July 1, 2026 · 11 min read

The 5 Most Common Crypto Scams (and How to Spot Them)

A security auditor breaks down the 5 most common crypto scams, the fixed anatomy of each, and the one shared trick under all of them so you can avoid them.

By Carlos (Bloqarl)

TL;DR

  • Almost every crypto scam is one of five shapes: rug pulls, wallet-drainer approvals, fake support, giveaway or impersonation scams, and long-con "pig butchering" investment traps.
  • Each shape has a fixed anatomy. Once you have seen the skeleton, you recognize the same trick wearing a new costume.
  • Under all five is one shared skeleton: urgency, plus free or easy money, plus "just connect your wallet" or "just sign this."
  • The reason the same trick keeps working is that scammers are not hacking the code. They are hacking a human reflex: the urge to act fast so you do not miss out.
  • The one habit that defends against every scam on this list: when something feels urgent and profitable, slow down and do the opposite of what the message wants.

Why do beginners keep getting robbed in crypto?

Because crypto removes the safety net that the normal financial world has. In a bank, if you get tricked, a human can often reverse the charge. In Web3, you are the bank, and most moves are permanent. Send funds to a scammer, sign the wrong approval, or paste your secret words into a fake site, and there is usually no undo button and no support line to call.

That permanence is the price of self-custody: you hold your own funds with no bank in the middle, which means no bank can save you either. That permanence is exactly what scammers rely on. They do not need to be clever. They just need you to act once, fast, before you stop and think. So the goal of this article is not to memorize a hundred tricks. It is to learn the five shapes almost every scam takes, and then the single skeleton underneath all of them. Learn the skeleton and you can spot brand new scams you have never seen before.

What is a rug pull?

A rug pull is when the people behind a token or project take everyone's money and disappear. The "rug" is the value you thought you were standing on, and it gets yanked out from under you.

The anatomy is almost always the same:

  • A new token or project appears with loud hype and promises of huge, fast returns.
  • The team is often anonymous, and the marketing pushes hard on FOMO (fear of missing out): "get in early," "this is going to 100x," "last chance."
  • People buy in, the price climbs, more people pile in because the price is climbing.
  • At a chosen moment, the insiders sell everything at once or drain the shared pool of funds, the price collapses to near zero, and the team goes silent. Social accounts vanish, the website goes down.

How to spot it: ask the auditor's question, the same one I use every day, "what does this thing do if the price stops moving?" A real project still does something useful with a flat price. A rug pull has nothing underneath the price except hype. Other tells: an anonymous team with no track record, promises of guaranteed or fixed high returns (real markets never guarantee returns), pressure to buy right now, and no independent security review. Before you ever put money into a project, learn to research it properly instead of trusting the hype.

What is a wallet-drainer or approval scam?

This is the scam that empties wallets without ever asking for your password. It works through a legitimate feature of crypto that gets abused.

Here is the mechanic in plain English. To use most real apps, your wallet has to grant permission for a contract to move a specific token on your behalf. That is called an approval, and it is normal and necessary. A drainer scam abuses this. It puts a fake app or a fake "claim your reward" page in front of you and asks you to connect your wallet and sign something. What you are actually signing is an approval that hands a stranger's contract permission to move your tokens. Later, quietly, it moves them out.

Notice what did not happen: you never gave away your seed phrase or private keys. Your secrets were never leaked. You signed away access with your own hand, one click, permanent. This is a form of phishing, tricking you into an action rather than stealing a secret.

How to spot it:

  • Be deeply suspicious of any page offering free money: airdrops you did not sign up for, "you won" prizes, surprise rewards.
  • Only connect your wallet to sites you reached yourself, by typing the URL or using a saved bookmark, never through a link in a DM, email, or ad.
  • Read what you are signing. If a "claim" page asks for a token approval or an unusual signature, stop. Claiming a free reward should not require you to grant spending permission.
  • If something already went wrong, know that approvals can be reviewed and revoked. Learn how wallets and approvals actually work so this is not a mystery when it counts.
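
To make "read what you are signing" concrete, here is an added example (not from the original article) that decodes the raw calldata of a transaction request and reports whether it is a token approval, who the spender is, and whether the allowance is unlimited. The function name `inspectCalldata`, the risk labels, and the sample inputs are assumptions made for illustration; the selectors are the standard ERC-20 and ERC-721/1155 approval selectors.

```javascript
// Added example: classify raw calldata a site asks the wallet to sign.
// Standard ERC-20 / ERC-721 / ERC-1155 approval selectors.
const SELECTORS = {
  "095ea7b3": { fn: "approve(address,uint256)", kind: "amount" },
  "39509351": { fn: "increaseAllowance(address,uint256)", kind: "amount" },
  "a22cb465": { fn: "setApprovalForAll(address,bool)", kind: "flag" },
};
const MAX_UINT256 = (1n << 256n) - 1n;

function inspectCalldata(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex) || hex.length % 2 !== 0) {
    return { risk: "invalid", reason: "calldata is not well-formed hex" };
  }
  const sel = SELECTORS[hex.slice(0, 8)];
  if (!sel) return { risk: "none", reason: "not a known approval call" };
  const args = hex.slice(8);
  // Each argument is ABI-encoded as one 32-byte word (64 hex characters).
  if (args.length < 128) {
    return { risk: "invalid", fn: sel.fn, reason: "truncated arguments" };
  }
  const spender = "0x" + args.slice(24, 64); // low 20 bytes of word 0
  const value = BigInt("0x" + args.slice(64, 128));
  const base = { fn: sel.fn, spender };
  if (value === 0n && sel.fn !== "increaseAllowance(address,uint256)") {
    return { ...base, risk: "revoke", reason: "removes the spender's permission" };
  }
  if (sel.kind === "flag") {
    return { ...base, risk: "high", reason: "spender may move every token in this collection" };
  }
  if (value === MAX_UINT256) {
    return { ...base, risk: "high", reason: "unlimited allowance for this token" };
  }
  return { ...base, risk: "review", amount: value, reason: "spender may move up to `amount` base units" };
}

// Constructed sample inputs (the spender address is a placeholder, not a real contract).
const word = (h) => h.padStart(64, "0");
const SPENDER = "11".repeat(20);
const SAMPLES = {
  unlimited: "0x095ea7b3" + word(SPENDER) + "f".repeat(64),
  revoke: "0x095ea7b3" + word(SPENDER) + word("0"),
  nftOperator: "0xa22cb465" + word(SPENDER) + word("1"),
  plainTransfer: "0xa9059cbb" + word(SPENDER) + word("64"),
};
for (const [label, data] of Object.entries(SAMPLES)) {
  console.log(label, inspectCalldata(data));
}
```

A "high" result does not prove a scam, since real apps also request approvals; what it tells you is that a page described as a free "claim" is actually asking for spending permission, and which address would receive it.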

What are fake support and impersonation scams?

These two are cousins, so I will take them together. Both work by pretending to be someone you trust so you lower your guard.

Fake support shows up right when you have a problem. You post in a public group that your wallet is stuck or a transaction failed, and within minutes a friendly "support agent" messages you privately. Real projects almost never DM you first. The fake agent walks you toward the one move that ends the game: entering your seed phrase into a "verification" tool or "wallet sync" page, or connecting your wallet to a "support portal." The moment you type those words anywhere, the funds are gone.

Impersonation is the broader version. A scammer copies the name, photo, and handle of a founder, a company, a celebrity, or even a friend, then reaches out or posts as them. The message is designed to borrow the trust you already have in the real person.

How to spot it:

  • No legitimate person or company will ever ask for your seed phrase. Not support, not a founder, not a giveaway. There is no situation where typing your 12 or 24 words into a website is the fix. This single rule blocks a huge share of scams.
  • Real support does not slide into your DMs first. Treat any unsolicited "help" message as hostile until proven otherwise.
  • Verify identity through an official channel you find yourself, not through the link or contact the message hands you. Understanding the players and roles in the ecosystem makes it easier to smell when a "founder" or "admin" is fake.

What are giveaway and pig-butchering scams?

Two more shapes, one short-con and one long-con, and both dangle profit to pull you in.

Giveaway scams are the classic "send 1, get 2 back." You see a post, often under a hijacked or impersonated celebrity account, promising that if you send crypto to an address, you will get double back. Sometimes it is a fake live stream with a QR code on screen. The math is the bait: free money, right now, but only if you act before it "ends." You send funds to the address, and nothing comes back, because there was never anything to come back.

Pig-butchering is the slow, cruel one, and it is worth naming because it does not look like a scam at first. Instead of rushing you, the scammer invests weeks building a relationship, often romantic or friendly, over messaging apps. Once trust is deep, they introduce a "great investment opportunity," usually a slick fake trading or investment platform. Early on, the platform even shows fake profits and may let you withdraw a small amount, which convinces you it is real. Then it encourages you to put in more and more. When you try to take out the big balance, you are told you must pay a "fee" or "tax" first, another way to extract money, and eventually the platform and the "friend" both vanish.

How to spot it:

  • Nobody doubles your money for free. A giveaway that requires you to send crypto first is always a scam, with zero exceptions.
  • Be alert when a new online friend or partner pivots to a can't-miss investment on a platform they introduced. That pivot is the tell, no matter how genuine the person felt.
  • Fake profits on a screen are not money. If withdrawing your gains requires paying a fee up front, it is a trap designed to pull more from you.

So what do all crypto scams have in common?

Now the payoff. Look back at all five shapes and you will see the same skeleton under every one of them. Every scam on this list is trying to combine three ingredients:

  1. Urgency. "Act now," "last chance," "offer ends soon," "your funds are at risk," "verify immediately." The clock is fake, and its only job is to stop you from thinking.
  2. Free or easy money. Airdrops, doubled giveaways, guaranteed high returns, surprise rewards, effortless profit. The prize is bait sized to make you skip your own caution.
  3. "Just connect your wallet" or "just sign this" or "just enter your words." The single irreversible action that closes the trap. Rug pulls want your buy. Drainers want your signature. Fake support wants your seed phrase. Every scam funnels you toward one permanent click.

That is it. That is the whole engine. Different costumes, same skeleton: urgency, plus a free-money lure, plus one irreversible action.

The auditor's lens: scammers exploit the same human reflex every time

Here is what I want you to take from this as a security auditor. When I review smart contracts, the attacker is exploiting a flaw in the code. When a beginner gets scammed, the attacker is exploiting a flaw in human wiring, and it is the same flaw every time: the reflex to act fast when we sense we might miss out on something good, or lose something we already have.

Scammers are not creative geniuses. They are running the same three-ingredient recipe over and over because it works on that reflex. This is genuinely good news for you. You do not need to recognize every new scam by name. You only need to recognize the feeling: a message that makes you feel rushed and excited at the same time, and then asks for one irreversible action. That feeling is the alarm.

So here is the one habit that defends against everything above. When something in crypto feels urgent and profitable, slow down and do the opposite of what the message wants. Close the tab. Do not click the link they sent, reach the site yourself. Do not send the funds, wait a day. Do not sign yet, read it first. Do not type your seed phrase, ever, anywhere. The scam depends on speed. Removing the speed removes the scam.

Related questions

Can I get my money back after a crypto scam? Usually no. Most crypto transactions are permanent, and there is no central authority that can reverse them the way a bank reverses a fraudulent charge. This is exactly why prevention matters so much: the undo button that exists in traditional finance does not exist here.

Will a real project or support team ever ask for my seed phrase? Never. No legitimate person, company, support agent, or giveaway will ever need your seed phrase or private keys. Anyone asking for those words is trying to steal your funds, full stop. Treat the request itself as proof of a scam.

How can I tell a real airdrop or reward from a scam? Be suspicious of any "free money" you did not sign up for, and never let a claim page grant a token approval or ask you to connect your wallet through a link someone sent you. Reach official sites yourself, and remember that claiming a genuine reward should not require you to sign a spending permission or pay a fee first.

Are NFTs also targeted by these scams? Yes. The same shapes apply to NFTs: fake mint pages act like drainer scams, and "you won a free NFT" messages are giveaway bait. The skeleton is identical, urgency plus a free-money lure plus one wallet signature.

What is the single most important habit to avoid crypto scams? Slow down. Almost every scam depends on you acting quickly, so building a reflex to pause whenever something feels urgent and profitable defuses the trick before it can work.

Where to go next

Crypto scams look endless, but they are not. They are five shapes wearing new costumes, and all five run on the same three-part engine: urgency, free money, and one irreversible click. Once you can feel that combination, you can spot a scam you have never seen before, which is the whole point.

The best way to lock this in is to see each scam broken down with real examples and practice recognizing the skeleton yourself. That is exactly what The Scam Catalog checkpoint in Your First 90 Days in Web3 does, taught with a security auditor's eye. Start below, it is free and needs no account.
