FixedFloat Blog

Our news, cryptocurrencies guides and tutorials

How to avoid scams and theft of your crypto?

The cryptocurrency market is growing, and with it new schemes for stealing coins and user data appear. Hacking wallets, fake exchanges, viruses, phishing emails, and more have happened in the crypto community more than once. Not only world famous exchanges and large holders of cryptocurrencies suffer, but also ordinary users.

In this article, we'll take a look at the most common types of cryptocurrency scams and give some tips on how to secure your coins.

  1. Phishing
  2. Blackmail
  3. Fake giveaways
  4. Fake exchanges
  5. Fake apps
  6. Pyramid scheme
  7. Fake tokens
  8. Malware

1. Phishing

Phishing is a scam to obtain user identification information such as mnemonic phrases, private keys, and account login credentials. Both ordinary users and large companies have repeatedly become victims of phishing.

The fraudster impersonates a well-known person or company in the crypto community, sends emails, creates fake websites or social networking accounts.

For example, at the end of 2020, users of the Ledger wallet received letters stating that the servers were infected with malware and there was a risk of cryptocurrency theft. To avoid this, it was suggested to follow the link and download the security update. Inattentive users downloaded the update from a fake version of the Ledger website, and scammers received funds from victims.

Beware of suspicious messages and emails that may contain dangerous links or attachments. Check your URLs for spelling errors or extra characters. If in doubt about the sender of the letter, contact the company directly through the contact details provided in a reliable source.

Even if the email was sent from a real address, it can still be fraudulent. Be sure to check the URL before entering your logins and passwords.

Do not follow links received from unknown senders.

To avoid falling victim to phishing on social media, check to see if the person is who they say they are. Some social networks have indicators of authenticity.

Protect your confidential information, do not give anyone your private keys, seed phrase, logins and passwords.

2. Blackmail

Perhaps this is one of the most common methods of extortion of cryptocurrency. The fraudster threatens the victim with spreading confidential information about her, which in theory can be true. For example, an attacker claims to have evidence of cheating or viewing prohibited content. By the way, scammers do not always have any important information about their victims. They often fake it.

Among the scammers, there are especially creative individuals. So in 2018, a number of netizens received warning letters. The attacker claimed that someone ordered them to the killer, but if users send BTC coins to the specified address, the order to the killer will be canceled.

If you receive such an email, the best solution in such a situation is to ignore it and not send the cryptocurrency to the scammer. Attackers send a huge number of letters every day, and most likely they have no information about you, and your mail is simply on their mailing list.

If you feel a real threat from the sender of the letter, you should contact your local police. You should not enter into a dialogue and even less send coins to the extortionist. Such actions can lead to negative consequences.

3. Fake giveaways

Fraudsters, using famous names in the crypto community for greater persuasiveness, create accounts on social networks and many sites, buy YouTube channels, offering a bargain "send me coins and I will return you 10 times more." The user sends their coins, but gets nothing back.

Do not participate in the distribution of cryptocurrency if, according to its terms, you must send coins to the organizer's address. The organizers of fair giveaways do not require funds to be sent to them.

4. Fake exchanges 

Such services lure customers with very low fees, free distribution of coins or gifts. Often they attract with a very favorable rate, offering arbitrage between exchanges. Users use a fake service, but when trying to withdraw a significant amount, fake exchanges block coins. Such exchanges can exist for a long time and not attract attention, imitating the reality of a real exchange.  

Be careful about your credentials and the sites you visit. Provide information about yourself carefully.

Use different email and passwords when registering. It is extremely dangerous to use the same email and the same password, since if one account is hacked, attackers will be able to gain access to your other accounts.

Bookmark the URL of the real exchange you are using. Always test it before use.

5. Fake apps

There have also been cases when attackers created copies of existing applications or fake applications for platforms that do not have mobile or desktop versions. For example, in 2017, the Poloniex exchange app appeared. Users installed it by providing their personal data to scammers.

Before downloading the application, check the information about the developer, the number of downloads, read reviews and comments.

6. Pyramid scheme

The classic pyramid scheme has a very simple scheme. For example, the service promises 10% return on investment by the end of the month. You have invested $100 in the project. During this time, the investor is looking for a new client who also invests $100. After receiving money from a new investor, the organizer can pay you $110 at the end of the month. In order to pay the second investor, the organizer finds new clients. Investors make a profit only if new people come to the project and invest money.

The pyramids have a number of common features: they guarantee a high income without risk, they persistently ask to bring new customers, the site does not have contact information and documentary evidence of investments. If the project has these features, it is most likely fraudulent.

Before investing in an unfamiliar project, try to find as much information as possible about it. Take your time and do not fall for the beliefs about easy profit, study the reviews of real users.

7. Fake tokens

Recently, decentralized finance (DeFi) has become very popular. This attracted a lot of scammers. Attackers create fake DeFi tokens and add them to decentralized exchanges. Fake tokens have the same names and tickers as the original tokens.

As a result, one exchange can have a real cryptocurrency and its copies. If you buy a fake token, the funds will go to scammers, and you will be left with a currency, the price of which is most likely equal to zero.

Look for the token not by name, but by the address of the smart contract. You can find the original address on the project website or through cryptocurrency aggregators. For example, Coinmarketcap and Coingecko.

Analyze the token smart contract information on etherscanbscscan and polygonscan. Pay attention to liquidity and the number of transactions. 

8. Malware

The copy-and-paste virus allows scammers to intercept data from the clipboard. If you have such a virus on your device, then when you copy and then paste the address from the clipboard, it will be automatically replaced with the address of the fraudster.

There are also ransomware viruses that can block access to important data on the device, threatening to delete it. To unblock, the victim is required to send cryptocurrency.

Be sure to check the recipient's address before sending coins. Otherwise, if you have copy-and-paste virus on your device, you may lose your funds.

Set up regular backups. If you encounter a ransomware virus, it will help you recover your files.

If you suspect that your device has a virus, scan it with an antivirus.


We have covered the most popular types of scams that both beginners and experienced cryptocurrency users can face. We hope that knowledge of these methods will help you protect your funds from loss.