In 2025 alone, over $12 billion was lost to cryptocurrency scams globally, according to Chainalysis. The FBI's Internet Crime Complaint Center (IC3) reported that crypto investment fraud accounted for 86% of all investment scam losses, with victims aged 30–49 being the most targeted. The good news? Almost every scam follows predictable patterns. This guide teaches you to recognise the eight most common crypto scams active in 2026 – before you lose a single satoshi.
- 1. Pig Butchering (Sha Zhu Pan) – The Romance Scam That Drains Life Savings
- 2. Honeypot Tokens – The Contract That Traps Your Money Forever
- 3. Fake Exchange Apps & Websites – When the Platform Is a Complete Fraud
- 4. Rug Pulls – How Developers Steal Millions From Liquidity Pools
- 5. Address Poisoning – The Clipboard Attack That Redirects Your Crypto
- 6. Approval Phishing – Signing One Transaction Can Drain Your Wallet
- 7. AI Deepfake Impersonation – Fake Elon Musk & "Double Your Crypto"
- 8. Fake Giveaway & Influencer Scams – The Oldest Trick, Now AI-Powered
- The Ultimate Crypto Scam Prevention Checklist
- What to Do If You've Been Scammed (Immediate Steps)
- Frequently Asked Questions About Crypto Scams
1. Pig Butchering (Sha Zhu Pan) – The Romance Scam That Drains Life Savings
Pig butchering (Chinese: 杀猪盘, shā zhū pán) is the most financially devastating crypto scam in 2026. Scammers spend weeks or months building a romantic or friendship relationship with victims – "fattening the pig" – before convincing them to invest in a fake crypto trading platform. Once the victim sends significant funds (often life savings), the scammer disappears.
How it works: Typically starts on dating apps (Tinder, Bumble), social media (Instagram, Facebook), or even WhatsApp "wrong number" messages. The scammer presents as a successful, attractive professional. After building trust, they casually mention a "crypto arbitrage opportunity" or "forex trading strategy" that has made them wealthy. They guide the victim to a professional-looking website or app (completely fake) where initial small withdrawals are allowed to build confidence. Once the victim deposits $50,000+, withdrawals are blocked, and the scammer vanishes.
Red Flags – Pig Butchering
- Someone you've never met in person pushes you toward a crypto investment platform.
- The platform shows consistently high "profits" (e.g., 10–20% per week) with no losses.
- You're asked to send crypto directly to a wallet address, not through a regulated exchange.
- Withdrawals are denied after you request to take out large sums (fees, taxes, or "minimum balance" excuses).
- The person becomes hostile or emotional when you express skepticism.
Real-world scale: The FBI reported over $3.9 billion lost to pig butchering in 2024 alone, with average victim losses of $145,000. In 2026, these scams now incorporate AI-generated profile pictures, deepfake video calls, and even fake news articles about the "platform." If someone you've never met in person talks about crypto investing – assume it's a scam.
2. Honeypot Tokens – The Contract That Traps Your Money Forever
A honeypot token is a smart contract that allows you to buy the token but prevents you from selling it. Scammers create a token, hype it on social media or through "pump and dump" groups, then when you try to sell your position, the transaction always fails. Your money is permanently locked in the token, and the scammers drain the liquidity.
How to spot a honeypot: Use blockchain explorers (Etherscan, BscScan) and tools like Honeypot.is or Token Sniffer. Look for contracts with "hidden" sell tax (e.g., 99% sell fee) or functions that blacklist addresses. Also, check if the contract ownership is renounced – if the owner can mint new tokens or modify fees, it's a red flag.
Verification Step Before Buying Any Low-Cap Token
Before buying any token that isn't listed on major exchanges (BTC, ETH, SOL, etc.), paste the contract address into Honeypot.is and TokenSniffer. These tools simulate buys and sells to detect hidden fees. Also, check the token's liquidity lock on Unicrypt or Team Finance – if liquidity isn't locked for at least 12 months, consider it a scam.
For a deeper understanding of smart contract risks, read our DeFi Security in 2026 guide.
3. Fake Exchange Apps & Websites – When the Platform Is a Complete Fraud
Fake exchanges are designed to look exactly like Binance, Coinbase, or Kraken – sometimes with domain names like "binance-verify[.]com" or "coinbasepro-login[.]net". These sites steal your login credentials, 2FA codes, and then drain your funds. In 2026, scammers also create fake mobile apps on unofficial app stores or via direct APK download links sent via SMS or Telegram.
Red flags: The URL has a typo or extra word (e.g., "binance-secure[.]com"). The website asks for your seed phrase (real exchanges never do). The app isn't available on the official Apple App Store or Google Play Store. Customer support is only via Telegram or WhatsApp – no official email or ticket system.
How to Verify an Exchange
Always type the exchange URL manually into your browser – never click links from emails or messages. Bookmark the official URL. Enable withdrawal whitelist addresses on your real exchange account. If you're unsure, search the exchange name + "scam" or "review" on Reddit or Trustpilot before depositing any funds.
For a list of legitimate platforms, see our Binance vs Coinbase vs Kraken comparison and Crypto Security in 2026.
4. Rug Pulls – How Developers Steal Millions From Liquidity Pools
A rug pull happens when a DeFi project's developers suddenly remove all liquidity from a trading pair, making the token worthless. This is common with new "meme coins" or yield farms that promise insane APY (e.g., 1,000%+). The developers hype the project, attract millions in deposits, then drain the liquidity pool and disappear.
Famous examples: Squid Game token (2021) – $3.3 million rug pull. AnubisDAO (2021) – $60 million. In 2025, over $2 billion was lost to rug pulls, mostly on BNB Chain and Solana memecoins.
How to Avoid Rug Pulls
- Check if liquidity is locked (use Unicrypt or Team Finance). If the team can unlock and withdraw liquidity at any time, avoid.
- Verify the team is publicly doxxed – anonymous teams are a major red flag.
- Look for a legitimate audit from a known firm (CertiK, Hacken, Trail of Bits). Beware of fake audits.
- Avoid projects promising unrealistic APY (over 50% on stablecoins or over 500% on volatile pairs).
Learn more about safe yield farming in our Yield Farming in 2026 guide.
5. Address Poisoning – The Clipboard Attack That Redirects Your Crypto
Address poisoning (also called "address spoofing" or "clipboard hijacking") is a tactic where scammers send a tiny amount of crypto (e.g., 0.000001 ETH) to your wallet from a wallet address that looks very similar to one you've used before. When you later copy a transaction address, you might accidentally paste the scammer's address because it matches the first and last few characters. Many users don't verify every character of a 42-character Ethereum address.
Prevention: Always verify at least the first 6 and last 6 characters of any address before sending crypto. Use ENS (Ethereum Name Service) or Solana Name Service to send to human-readable names like "vitalik.eth" instead of raw addresses. For large transactions, send a small test transaction first.
Address Verification Rule
When sending crypto, use the "address book" feature in your wallet (MetaMask, Phantom, etc.). Save frequently used addresses once, then select from the list – this eliminates copy-paste errors. For new addresses, triple-check the full address before hitting send.
6. Approval Phishing – Signing One Transaction Can Drain Your Wallet
Approval phishing (also called "ice phishing") tricks you into signing a transaction that gives a scammer permission to spend a specific token from your wallet. You might think you're signing a normal "approve" for a DeFi swap, but the approval is for the scammer's address. Once signed, they can drain that token type without further confirmation.
How to avoid: Never sign approvals on unknown websites. Use a hardware wallet for large DeFi positions – it forces physical confirmation. Regularly revoke token approvals using Revoke.cash or Etherscan's token approval tool. If you suspect you've approved a scammer, revoke immediately.
For a full walkthrough, read our Crypto Security in 2026 guide which includes step-by-step approval revocation.
7. AI Deepfake Impersonation – Fake Elon Musk & "Double Your Crypto"
AI deepfake technology has advanced dramatically. In 2026, scammers create real-time deepfake videos of Elon Musk, Vitalik Buterin, Michael Saylor, or other crypto influencers promoting "giveaways" – "Send 1 ETH to this address and get 2 ETH back." The deepfakes are convincing enough to fool even experienced users. Scammers also use AI voice cloning to impersonate family members or exchange support staff over the phone.
The hard rule: No legitimate person or company will ever ask you to send crypto to an address for a "giveaway" or "verification." Zero exceptions. If you see a video of a celebrity promoting a crypto giveaway, it's 100% a deepfake scam.
8. Fake Giveaway & Influencer Scams – The Oldest Trick, Now AI-Powered
These scams promise to multiply your crypto if you send a small amount first. "Send 0.1 BTC to this address, and we'll send back 0.2 BTC as part of our launch promotion." The scam accounts impersonate real influencers (with verified checkmarks sometimes) and use hacked Twitter or YouTube accounts to broadcast the scam. In 2026, scammers also buy verified accounts and run live deepfake streams for hours before the platform takes them down.
Remember: If it sounds too good to be true, it is. The only people who can "double your crypto" are scammers. Legitimate airdrops never ask you to send funds first.
For real airdrop opportunities that are safe, see our Crypto Airdrops in 2026 guide – but note that legitimate airdrops are free; you never pay to receive them.
The Ultimate Crypto Scam Prevention Checklist
What to Do If You've Been Scammed (Immediate Steps)
If you realise you've sent crypto to a scammer or signed a malicious approval, act immediately:
- Revoke token approvals – Go to Revoke.cash or Etherscan's token approval tool and revoke all suspicious approvals. This prevents further drains.
- Move remaining funds – Transfer all remaining assets from the compromised wallet to a new wallet with a fresh seed phrase. Do this before revoking approvals if gas fees are high, but prioritise speed.
- Report to authorities – File a report with your local law enforcement, the FBI's IC3 (ic3.gov), and the crypto exchange where the funds were sent (if identifiable). Provide transaction hashes.
- Warn the community – Post the scammer's wallet address and details on Reddit (r/cryptoscams), Twitter, and crypto scam alert groups.
- Monitor for recovery scams – Scammers often return pretending to be "fund recovery services" who can get your crypto back for a fee. These are also scams. Once crypto is sent to a scammer, it's almost never recoverable.
Recovery Scams
If someone contacts you claiming they can recover your stolen crypto for an upfront fee, it's a recovery scam. No legitimate service can reverse blockchain transactions or force a scammer to return funds. Only law enforcement with a court order might freeze exchange accounts – but that's rare and never requires you to pay a "recovery fee."
Frequently Asked Questions About Crypto Scams
Unfortunately, once crypto is sent to a scammer's wallet, it's nearly impossible to recover. Blockchain transactions are irreversible. The only exceptions are if the scammer uses a centralised exchange (CEX) and law enforcement can freeze the account – but this is rare and requires a court order. Beware of "recovery services" that ask for upfront fees; they are almost always scams themselves. Your best action is to report the incident to the FBI's IC3 and local authorities, and to warn the community.
Stick to well-known exchanges with long track records: Binance, Coinbase, Kraken, OKX, Bybit. Verify the URL by typing it manually – never click links from emails or messages. Check if the exchange has proof-of-reserves audits, transparent leadership, and regulatory licences in your jurisdiction. Avoid exchanges that have no online presence, anonymous teams, or that pressure you to deposit quickly. Read our exchange comparison guide for details.
Immediately go to Revoke.cash or Etherscan's token approval tool and revoke the approval for that contract address. Then, move all funds from that wallet to a new wallet with a fresh seed phrase. If you have a hardware wallet, use it for all future approvals. Never approve contracts on websites you don't 100% trust.
Hardware wallets (Ledger, Trezor, Coldcard) protect your private keys from online attacks, but they do not protect you from signing malicious transactions. If you approve a scam contract using your hardware wallet, your funds can still be drained. However, hardware wallets add a physical confirmation step, which gives you a chance to review the transaction details. They also prevent seed phrase theft from malware. For large holdings, a hardware wallet is essential. See our Best Hardware Wallets in 2026 guide.
For beginners, the most common scam is "imposter support" – someone pretending to be from Coinbase, Binance, or MetaMask, claiming your account has been compromised and asking for your seed phrase or for you to "verify" by sending crypto to a wallet. Legitimate support will never ask for your seed phrase. Never share it, and never send crypto to someone claiming to be support. Also common: fake airdrops that require you to "connect your wallet" to claim – this is an approval phishing attack.