What crypto scams should I watch out for?

How to spot different types of scams, ways to prevent malicious actors and hackers from accessing your wallet, and common signs of scams.

Updated over a week ago

How to spot different types of crypto scams, ways to prevent malicious actors and hackers from getting access to your wallet, and some common signs of scams, including phishing scams.

One of the biggest threats in crypto is getting tricked into giving your private keys or 12-word secret recovery phrase to a scammer.





What is a phishing scam?

A phishing scam is a fraudulent method of impersonating famous people or pretending to be from reputable companies to convince people to reveal personal information. In a sense, the thieves are 'fishing' for your information, hoping you will bite.

They typically send fake emails, create fake websites, and make sham social posts to get your 12-word secret recovery phrases, private keys, or other personal information to steal your money.

Phishing scams are ubiquitous and not unique to crypto. However, scammers are very active in this space. If you hold your funds in a self-custody wallet like Exodus, you control your assets. If scammers can convince you to reveal your private keys or secret recovery phrase, they will have full access to your funds.

Once someone has stolen crypto from your wallet, it’s not possible for anyone to reverse the transaction. Immutability, or the inability to cancel or reverse transactions, is one of the core features of blockchain technology.

So what can you do? Prevention is key. With the power of controlling your own assets comes the added responsibility of protecting those assets. Let’s dig deeper into how to recognize the common tactics that scammers use and how to protect yourself against scams.

If you suspect you've been scammed, you'll need to report it to your local law enforcement agency as a crime. Learn how here: How do I report the crime?


How can I identify a scam?

There are too many scams to name them all, so below are some tips to help you identify scams. If you're not sure, you're always welcome to contact Exodus Support.

Watch out for spoofs of legitimate websites

Spoofing is when a malicious website is disguised as a known, trusted platform. Spoofed websites might look nearly identical to an official website, but if you look closely, you will spot minor differences. For instance, scammers will use a domain address that looks very similar to the real site's. They might change one letter of the company name or use a different domain extension such as .biz, .info, etc.

Spoofed websites are successful as many scammers purchase advertising space on search engines. This allows their advertising links to appear higher in the search results, which then causes people to think it’s legitimate. As such, try to avoid clicking on ad links when searching for a website. While some ads will bring you to the correct websites, it’s a good security practice to click only on the search engine results and check that the address begins with https://, and the URL is spelled correctly, so you know your link is secure.
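The two domain tricks described above (one changed letter, or the right name with a different extension) can be checked mechanically. The sketch below is an added example, not Exodus code; the allowlist holds the placeholder `example.com`, and the function names and sample URLs are assumptions made up for illustration.

```python
from urllib.parse import urlsplit

# Placeholder allowlist (assumption): replace with the official domains you trust.
OFFICIAL_DOMAINS = {"example.com"}


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def site_domain(host):
    """Last two labels of the host name.

    Simplification (assumption): ignores multi-part suffixes such as co.uk.
    """
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def classify(url, official=OFFICIAL_DOMAINS):
    """Return (verdict, reasons); verdict is official, check, lookalike or unknown."""
    parts = urlsplit(url)
    domain = site_domain(parts.hostname or "")
    reasons = []
    if parts.scheme != "https":
        reasons.append("address does not begin with https://")
    if domain in official:
        return ("check" if reasons else "official", reasons)
    name, _, ext = domain.rpartition(".")
    lookalike = False
    for good in sorted(official):
        good_name, _, _good_ext = good.rpartition(".")
        dist = edit_distance(name, good_name)
        if dist == 0:
            # Same name, so the extension must differ (e.g. .biz, .info).
            reasons.append(f"{good} name with a different extension: .{ext}")
            lookalike = True
        elif dist == 1:
            # One letter changed, added or dropped in the company name.
            reasons.append(f"one character away from {good}")
            lookalike = True
    return ("lookalike" if lookalike else "unknown", reasons)


# Constructed sample links, e.g. copied from search results or a message.
SAMPLE_URLS = [
    "https://www.example.com/download",
    "http://example.com/download",
    "https://examp1e.com/download",
    "https://www.example.biz/wallet",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(url, classify(url))
```

A verdict of `unknown` only means the domain is not a near miss of the allowlist; it says nothing about whether the site is safe.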

Want to be sure you are on the correct Exodus website? We have an article in our Knowledge Base that summarizes all the official domains of Exodus:

Aside from search engines, be very careful on social media as well! Scammers often set up accounts on popular platforms such as Twitter, Reddit, Facebook, TikTok, Telegram, Instagram, and Discord, and wait for vulnerable users to prey on.

Scammers will initially offer you some good advice to trick you into believing they are legitimate. Once they win your trust, they’ll direct you to a fake website asking for your private information. They will use official-sounding terms like “validate your wallet” or "verify your wallet" or “verify your info.”


Watch out for scam tokens

Much like spoofed versions of legitimate websites, scammers also have the ability to create spoofed versions of legitimate tokens. Scam tokens look and act like their legitimate counterparts, but have no value.

Scammers create scam tokens in an effort to fool victims into believing they've been given tokens of value. That said, there are a few things to look out for when trying to tell the difference between a real token and a scam token.

First, check the contract address of the token in question.

To locate a contract address, click on the transaction ID for any tokens you’ve received, and you'll be taken to that transaction on a block explorer. The token's contract address is displayed within the transaction's information:

Then search for the token by name on CoinMarketCap. The token's contract address can be found under Contracts:

Finally, compare the contract address you found on CoinMarketCap to the token in question. If the token is legitimate, the contract address will match.

Another quick way to determine a token's legitimacy is to search the token's contract address on a block explorer. For more information, please visit: What is a block explorer?

Block explorers provide information on a few key areas regarding tokens:

  • a) Token reputation - signaled by a blue checkmark

  • b) Holders & Total Transfers

  • c) Code verification with Audit Report

  • d) Contract Address

Here is an example of a legitimate token displayed on the block explorer:

Note that the token has a) a known reputation, b) a high number of holders and total transfers, c) an audited source code, and d) a contract address that matches what is listed on CoinMarketCap.

Compare it to a scam counterpart of the same token:

In this example, the scam token has a) an unknown reputation, b) a low number of holders and total transfers, c) no audit done on the source code (even though the source code is a match), and d) the contract address does not match what is listed on CoinMarketCap.

Be wary of tokens with an unknown reputation, low holder counts, low transfer counts, and no code audits. Although none of these checks on its own rules out a token's legitimacy, a token lacking all those criteria is suspect.

If you're still unsure if your token is legitimate, please reach out to Exodus Support for assistance.


Watch out for malicious wallets and apps

While Apple and Google are really good at screening their app stores, fake and malicious apps can still sometimes get through. When scammers get fake versions in official stores, they use screenshots and pictures from the real app, as well as fake reviews, to make their wallets look legitimate.

Checking to make sure your app is authentic is key to protecting your funds. We go into this information in depth in this article here:

If you are more technical, you can compare the checksum of your download against the release hashes and verify that the download is signed. You can also turn on auto-update in your mobile phone settings or in the desktop app.

Exodus Mobile is offered on Apple devices running iOS 12 or higher and Android devices running Android 8.0 Oreo or higher. We offer no other way to download Exodus apart from using the Google Play Store for Android, App Store for iOS, or the direct download links on our website.


Spear phishing via your information that has been leaked

Some scammers use personal information leaked from data breaches to launch targeted attacks. This is called spear phishing. If your email address has been involved in a data breach, then you could be at risk.

A great example of this is the Ledger data leak. As Ledger is a crypto company, the people on the breached email database were likely to have crypto. Knowing this, scammers targeted campaigns to the leaked email addresses. They sent information from spoofed email addresses directing users to validate their wallets on malicious sites or apps.

Knowing if your email address has been compromised and being aware that scammers might contact you via email will keep you on alert. We recommend that you check here to see if your email address has been leaked:


Hallmarks of a scam

Be on the lookout for celebrity giveaways, time crunches, and double-back promises. While these are not phishing, they are worth noting while we are talking about scams. Elon Musk, Vitalik Buterin, and Changpeng Zhao (CZ) don’t give away crypto. Adding a famous name to a “promotion” is a way to trick you into a false sense of security.

Many scam websites push a very tight time limit or “limited space” so you’ll be rushed to send funds quickly. This is often done on YouTube live streams that have comments disabled. The focus is put on getting double the amount back to make you concentrate on the reward. If it ever sounds too good to be true, especially with crypto, it almost certainly is.


What are some common scams?

Be on the lookout for these common scams, and don't fall for them!


Dropped and replaced scam (ghost sending)

Also known as ghost sends, the purpose of the dropped and replaced scam is to trick you into thinking that you have received funds when, in reality, the funds never reached your wallet.

The scammer sends you a transaction (often an Ethereum or ERC20 transaction). However, they either replace the transaction and route it back to the scammer's address or another address, or they don't have the funds to begin with, so the funds never reach your wallet.

They hope you will send them funds, goods, or other services, believing that they have already paid for them.

To avoid this scam, if you recently received a transaction, you can confirm your balance with a block explorer to see if you actually received the funds.


This type of scam transaction will a) have the status Dropped & Replaced. You can b) click on the transaction ID of the replaced transaction to confirm where the funds in the replaced transaction were sent, as well as the amount.


Keep in mind that not all Dropped & Replaced transactions are scam transactions. Sometimes the feature is used to speed up a stuck transaction. To determine if it is a potential scam, it is important to check which address the funds were sent to.


Don't trust others to help set up your wallet

Some scammers will offer to help you set up your Exodus wallet (or another crypto wallet), or they claim that they can assist with an issue you are having with the wallet.

These scammers will pretend to help you, try to confuse you, and take advantage of the situation to gain access to your 12-word secret recovery phrase and steal your funds. Some will even pretend to be Exodus Support.

A good rule of thumb is never to trust anyone to help set up your wallet, in person or remotely. During the setup of your Exodus wallet, you'll need to view and back up your 12-word secret recovery phrase. It's crucial to keep your 12-word secret recovery phrase to yourself, safe, and secret.

One common method scammers use is trying to scan your wallet's sync QR code. Never let anyone sync their wallet to yours; otherwise, they will have full access to your funds.

For example, a scammer could try to confuse you by remotely accessing your device and then changing which fiat currency the value of your crypto is shown in, so it looks like you have a different amount of funds.

If you are ever concerned about the value of your crypto or the amount you hold, you can always check your balance using a blockchain explorer: Why should I use a block explorer?

Remember that you should never share your 12-word secret recovery phrase, private keys, or sync QR code with anyone, including Exodus. Exodus Support will never ask for sensitive information, including secret recovery phrases, private keys, passwords, or sync QR codes.

If you ever have an issue with your wallet, or if you need help setting it up, then make sure you contact the official Exodus support team: How do I contact Exodus Support?


Don't share your sync QR code

Some scammers may try to steal your funds by syncing to your wallet. They might ask you to share your screen or take a screenshot so they can view and scan your sync QR code.

If a scammer gets access to your sync QR code, they can request syncing to your wallet, and if that request is accepted, they will have full access to your wallet.

It is important never to share information like your 12-word secret recovery phrase, private keys, or the sync QR code with anyone. Legitimate Exodus Support will never ask for this information.


Don't allow anyone remote access to your device

Never allow anyone remote access to your device for any reason. This is a common method scammers use when they try to steal funds and wallet information.

Some scammers might offer help or pretend to be a support agent, then ask you to download software to allow them to remotely access your device so they can help you.

Don't do it. Never allow anyone to get remote access to your device.

Once a scammer gets access to your device, they might attempt to steal your information, steal your funds, install malware, or make unauthorized transactions.

Exodus Support will never ask to access your device remotely.

If you ever have an issue with your wallet, or if you need help when you're setting it up, then make sure you contact the official Exodus support team: How do I contact Exodus Support?


You may have received an email that your Exodus wallet has been linked to Binance, Coinbase, or another crypto platform.

This is a scam. It's not possible for your Exodus wallet to be linked to any other platform. The scammer wants you to provide your 12-word secret recovery phrase so they can steal your funds.

Exodus Support will never ask for your secret recovery phrase or your private keys.


Watch out for scams on Telegram

Scammers on Telegram will often pretend to offer help or even pretend to be from Exodus Support in an attempt to try to access your wallet or steal your wallet information.

Exodus does not offer support on Telegram. If someone on Telegram claims to be from Exodus Support, then it is a scam.

If you need to contact Exodus Support, please see the following article for more information on how to contact Exodus: How do I contact Exodus Support?

To keep your funds safe, never share your 12-word secret recovery phrase, private keys, or sync QR code with anyone. Legitimate Exodus Support will never ask you for this information.

Some scammers on Telegram may try to steal your funds by syncing to your wallet. They might ask you to share your screen so they can view and scan your sync QR code. If they get access to that QR code, they can scan it to sync to your wallet, then they will have full access to your wallet.

Never trust anyone to help set up your wallet, don't allow anyone remote access to your device, and be careful of screen sharing, as scammers might try to get you to share sensitive information that they can use to access your wallet and steal your funds.


Recovery scams

Recovery scams are schemes that pretend to help people recover lost or stolen funds. These scams often involve individuals or groups who claim to have special expertise or resources that can help recover lost funds. In reality, they are trying to steal more funds from people who may already be victims of scams.

Recovery scams take a variety of forms, such as phishing scams, fake recovery websites, or impersonation scams, and they may target victims who have lost funds through scams or hacks, or who are simply looking for a way to recover funds that they believe were lost due to a mistake or oversight.

It is important to be cautious when seeking help to recover lost funds, as genuine recovery services are rare. Scammers often use convincing tactics to trick people into believing their ability to help is legitimate.

Because of the way blockchain technology works, it is very difficult to recover crypto once it is lost or stolen.


Exodus imposters

Scammers will pose as Exodus and will sometimes contact users with spoofed emails to trick users in an attempt to steal their funds. It is a method commonly used by scammers performing spear phishing attacks.

Some of these Exodus imposters might falsely claim that there has been a data breach, that action is needed to protect or claim your funds, or that other urgent actions must be taken. These are tell-tale signs that the email did not come from Exodus.

Exodus is a non-custodial wallet. You will never be asked to validate your wallet, and Exodus will never ask for your private keys or your 12-word secret recovery phrase.


Don't validate or verify your wallet!

If you are ever asked to enter your 12-word secret phrase or private keys into a form, send them to a support agent to validate or verify your wallet, or prove the wallet belongs to you, don't do it!

No legitimate support team will ever ask for 12-word secret recovery phrases, private keys, or passwords.

The only reason anyone would ask for this information is to steal your money.


Be careful when sending crypto using QR codes

If you're asked to send a small amount of crypto to verify your wallet address by scanning a QR code, don't do it!

When the scammer's QR code is scanned, it overwrites the amount that you enter and pre-fills it with an amount set by the scammer. This amount is usually much higher than what you expect to send.

The scammer hopes you won't check the amount before sending the transaction. If you confirm the transaction, then you'll send much more crypto than you expect. And because crypto transactions are irreversible, there will be no way to get your money back.

So if you ever send funds by scanning a QR code, always check the amount of crypto before you hit send.

Never send funds to anyone asking you to confirm your wallet details. Exodus is a self-custody wallet, so Exodus will never ask you to verify or validate your wallet.
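The check described above (compare the amount a scanned QR code pre-fills with the amount you meant to send) looks like this in code. This is an added example, not Exodus code; it assumes the QR code carries a BIP-21 style payment URI (`asset:address?amount=...`), and the address and function names are constructed for illustration.

```python
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs, urlsplit


def parse_payment_uri(uri):
    """Split a scanned payment URI into asset, address and optional pre-filled amount."""
    parts = urlsplit(uri.strip())
    if not parts.path:
        raise ValueError("no address in the QR code")
    amounts = parse_qs(parts.query).get("amount", [])
    if len(amounts) > 1:
        raise ValueError("more than one amount in the QR code")
    amount = None
    if amounts:
        try:
            amount = Decimal(amounts[0])
        except InvalidOperation:
            raise ValueError("amount is not a number") from None
        if not amount.is_finite() or amount <= 0:
            raise ValueError("amount must be a positive number")
    # A bare address without "asset:" in front has no scheme and no amount.
    return {"asset": parts.scheme or None, "address": parts.path, "amount": amount}


def review_before_send(uri, intended_amount):
    """Compare the amount the QR code pre-fills with the amount the sender intended."""
    request = parse_payment_uri(uri)
    intended = Decimal(str(intended_amount))
    prefilled = request["amount"]
    warnings = []
    if prefilled is not None and prefilled != intended:
        warnings.append(
            f"QR code pre-fills {prefilled} {request['asset']}, you intended {intended}"
        )
    return {
        "address": request["address"],
        # What goes out if the sender confirms without reading the amount field.
        "amount_wallet_would_send": intended if prefilled is None else prefilled,
        "needs_review": bool(warnings),
        "warnings": warnings,
    }


# Constructed samples: the address is a placeholder, not a real wallet.
PLACEHOLDER_ADDRESS = "bc1qconstructedplaceholderaddress000000000"
QR_WITH_AMOUNT = f"bitcoin:{PLACEHOLDER_ADDRESS}?amount=0.75&label=verify"
QR_ADDRESS_ONLY = f"bitcoin:{PLACEHOLDER_ADDRESS}"

if __name__ == "__main__":
    # The sender was told to send a "small verification amount" of 0.0001.
    print(review_before_send(QR_WITH_AMOUNT, "0.0001"))
    print(review_before_send(QR_ADDRESS_ONLY, "0.0001"))
```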


Honeypot scams: Don't import unknown secret recovery phrases or private keys!

This scam steals the crypto that you send to the wallet to cover network transaction fees.

Scammers will provide you with a wallet's 12-word secret recovery phrase and/or private key to recover funds in the wallet.

There is usually a large sum of crypto in the wallet, often USDT, but there's no crypto to pay for the network transaction fee.

If you send any crypto to a wallet that scammers have access to, they will steal it immediately.

USDT on TRON

If the funds are on the TRON network, you might have restored a multi-sig wallet. Multi-sig wallets require more than one private key to access funds. Without all the necessary private keys (signatures), you won't be able to withdraw the funds.

This leaves the TRX in the wallet for the scammers, and you won’t have the necessary permissions to access any tokens in the wallet.

On other networks, such as BNB Smart Chain, these wallets are equipped with bots that send your crypto to another wallet as soon as it's received.

Never send funds to a wallet where the permissions for the wallet have been changed. If you wish to delete your current wallet and create a new Exodus wallet, please visit: How do I delete my wallet and start over?

If you’ve restored a multi-sig TRON wallet in Exodus, you will see a warning, as shown in the examples below, and you will be unable to send or receive TRON and TRON tokens.

Mobile

Desktop

USDT on Ethereum

If the funds are on the Ethereum network, the address has probably been blocked. This means that the USDT in the wallet is not transferable.

Because of this, you'll see a prompt to add more gas than would be required for a normal token transfer or swap.

Do not send any ETH to this address!

You will not be able to access the USDT, because it's blocked, and the scammers will steal your ETH and send it to another wallet.


Address poisoning: Unrecognized transactions with zero value

If you see zero-value transactions that you don't recognize in your wallet, you may have been targeted by scammers. Transactions like these are known as address poisoning.

Scammers try to steal your assets by tricking you into sending them to the wrong address. They hope you’re not paying attention or are in a hurry, so rather than double-checking that you have the correct address, you’ll send your crypto to the scam address because it shows up as a recent transaction in your wallet.

Although this scam may not seem as dangerous as others, it can still trick you into sending your assets to a scammer's address. So let's take a closer look at how this scam works.

Scammers create a fake address that looks similar to a real one you use. Then they send a small transaction to your address or create a fake transaction that looks like it's from you.

The scammer hopes you will mistakenly send your assets to the fake address from your transaction history, instead of the correct address.

Here at Exodus, we do everything we can to keep you safe. We've added a feature that hides zero-value transactions on all supported EVM networks.

If you're using another wallet, always double-check the address you're sending assets to. Make sure each letter and number matches the trusted address, so you can be sure you're sending it to the right person.
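The double-check described above can be automated against a list of addresses you already trust. This is an added example, not Exodus code; it assumes EVM-style hexadecimal addresses, treats "looks similar" as sharing the first and last few characters (an assumption about how the imitation is built), and every address, label and transaction in it is constructed.

```python
def resembles(candidate, trusted, head=6, tail=4):
    """True when two different addresses share their first and last characters."""
    c, t = candidate.lower(), trusted.lower()
    return c != t and c[:head] == t[:head] and c[-tail:] == t[-tail:]


def check_recipient(address, address_book):
    """Return (verdict, label): trusted only on a full match, else lookalike or unknown."""
    wanted = address.lower()
    for label, trusted in address_book.items():
        if wanted == trusted.lower():
            return ("trusted", label)
    for label, trusted in address_book.items():
        if resembles(address, trusted):
            return ("lookalike", label)
    return ("unknown", None)


def flag_poisoning(history, address_book):
    """List (transaction id, reason) for history entries that should not be copied from."""
    flagged = []
    for tx in history:
        verdict, label = check_recipient(tx["counterparty"], address_book)
        if verdict == "lookalike":
            flagged.append((tx["id"], f"address imitates '{label}'"))
        elif verdict == "unknown" and tx["value"] == 0:
            flagged.append((tx["id"], "zero-value transfer, unknown address"))
    return flagged


# Constructed data: none of these addresses belong to a real wallet.
TRUSTED = "0x71c9a3f0b2d84e5566aa01bc93de7f4420c8e9a1"
LOOKALIKE = "0x71c95d17e0aa3344bb9210fe6c0d1e2f3a4be9a1"  # same start and end only
STRANGER = "0x9f02bb41c6d7e8f90012a3b4c5d6e7f8091a2b3c"

ADDRESS_BOOK = {"my exchange deposit": TRUSTED}

HISTORY = [
    {"id": "tx-1", "counterparty": TRUSTED, "value": 250},
    {"id": "tx-2", "counterparty": LOOKALIKE, "value": 0},
    {"id": "tx-3", "counterparty": STRANGER, "value": 0},
    {"id": "tx-4", "counterparty": STRANGER, "value": 12},
]

if __name__ == "__main__":
    for tx_id, reason in flag_poisoning(HISTORY, ADDRESS_BOOK):
        print(tx_id, reason)
    print(check_recipient(LOOKALIKE, ADDRESS_BOOK))
```

Only the `trusted` verdict means every character matched; a `lookalike` result is the case where the first and last characters agree but the middle does not.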


Investment scams

There are many different types of investment scams in traditional finance and in crypto. These scams often involve tricking people into believing they will earn a high rate of return on their investment when in reality, the investment is either worthless or does not exist. Investment scams can take many forms, including Ponzi schemes, pyramid schemes, and fake investment opportunities.

Ponzi schemes involve paying returns to earlier investors using the investments of newer investors rather than using any actual profits from investments. This creates the appearance of a successful investment. Eventually, the scheme collapses when there are not enough new investors to support the returns promised to earlier investors.

Pyramid schemes are similar to Ponzi schemes, but they involve recruiting new members to join the scheme rather than relying on investment funds. Each new member is required to pay a fee to join, and in return, they are promised a share of the profits generated by the members they recruit. Like Ponzi schemes, pyramid schemes eventually collapse when there are not enough new members to sustain the returns promised to earlier members.

Fake investment opportunities involve offering fake or worthless investments to people and may include things like buying into a fake company or investing in a non-existent product.

Investment scams can be difficult to spot, as scammers often use sophisticated tactics to create a sense of urgency or to create the impression that the investment is legitimate.

It is important to be wary of any investment opportunity that seems too good to be true and to do research and due diligence before investing. It is also a good idea to seek the advice of a financial professional or to check with regulatory agencies to verify the legitimacy of an investment opportunity. One way to spot scams that others have fallen victim to in the past is by simply searching the name of the company or proposed investment with the word "scam."

Investment scams can be difficult to spot, but there are several red flags that may indicate that an investment opportunity is a scam:

  1. Guaranteed high returns. Be wary of any investment opportunity that promises guaranteed high returns, as most legitimate investments carry some level of risk.

  2. Pressure to invest quickly. Scammers may try to create a sense of urgency to pressure you into investing before you have a chance to fully research the opportunity.

  3. Unsolicited offers. Be cautious of unsolicited investment opportunities, especially if they come from someone you do not know or have not done business with before.

  4. Lack of transparency. A legitimate investment opportunity should provide clear and detailed information about the investment, including how the funds will be used and the potential risks and rewards. If an investment opportunity is vague or does not provide this information, it may be a scam.

  5. Requiring upfront fees. Be cautious of any investment opportunity that requires upfront fees or requires you to transfer money to an individual or company you do not know.

  6. Unregistered investment products or advisers. Check with your country's regulatory agencies to ensure that the investment product and the adviser offering it are registered and legitimate.


Fake NFT Vouchers

If you receive an unexpected NFT in your NFT Gallery that advertises you have won a voucher for free money, crypto, or other crypto prizes, it is likely a scam.

The fake NFT voucher will often include a link to a malicious website.

On the website, the scammer will try to steal your funds or gain access to your account by asking you to enter your secret recovery phrase or private keys or authorize a malicious transaction.

Never share your secret recovery phrase or private keys with anyone, and never sign any suspicious transactions. For more information, visit: how do I keep my money safe?

If you see a fake NFT voucher, don't interact with it, don't visit any of the links, and don't send the NFT.

To avoid interacting with it or any of the links, you can hide the NFT. To learn how to hide an NFT, visit: How do I hide an NFT?


Dust attacks

Dust attacks involve an attacker sending very small amounts of crypto to multiple crypto addresses. The low value being sent can make them easy to miss. With dust attacks, the attacker's goal is typically one of two things:

  1. For account-based assets, the dust transaction might include malicious links leading to malware, phishing sites, or advertisements in the transaction details.

  2. For UTXO-based assets, an attacker might send dust to an address to try and reveal the other addresses the owner has by analyzing the movement of the dust.

To learn more about how to protect your funds if you’ve received a dust attack, please visit: What is a dust attack and how do I deal with it?


How can I protect myself from scammers?

Protect your private information

The easiest way to protect yourself from being phished is to know what information is for your eyes only. Your 12-word secret recovery phrase and your private keys should not be shared with anyone. There is no legitimate reason why anyone, including crypto support staff, would need this information. The only reason someone would ask you for this information is to steal your funds.

Never enter your private keys or secret recovery phrase into any website. For more information on this, you can check out this article:

Remember, Exodus is a self-custody wallet. Our staff will never ask you to verify your wallet. They will never ask you for your secret recovery phrase or private keys. Should you ever receive this type of email or direct message (DM), please ignore the contents and do not click on any links.

For more information about this, visit:


How to contact Exodus Support

Remember there are no traditional accounts with Exodus. This means Exodus doesn’t have your email address unless you sign up for our newsletter. We will only contact you directly via email as a reply to an inquiry you’ve already sent to us.

If you need to reach out to Exodus Support, please do so through our official channels. We have staff on the major social media channels, but our staff will never DM you. If someone is DMing you on a social media platform, they are likely a scammer. Our social media team will only post public replies.

Please see the following for more information on how to get in touch with us:

If you have already been scammed, note that blockchain transactions are permanent and can't be reversed - this is a core component of blockchain technology. Exodus provides a software interface with the blockchain.

Only your local law enforcement agency might be able to assist you. Learn how to report the crime here: How do I report the crime?


Further resources

If you are interested in reading more about how to keep yourself and your crypto safe, you can visit these resources:
