CoinBrew CoinBrew
Subscribe
Guides · CoinBrew

10 Crypto Scams to Avoid in 2026 (and How to Spot Them)

Crypto scams stole over $9 billion from victims in 2024. In 2025, that number grew. And in 2026, scammers are more sophisticated than ever — using AI-generated content, deepfake videos of celebrities, and psychological manipulation that would fool most intelligent people.

This isn’t a scare piece. It’s a reference guide. Every scam on this list has taken real money from real people. Knowing the playbook is your best defense.

1. Rug Pulls

What it is: A team creates a token, hypes it, attracts liquidity, then suddenly withdraws all the funds and disappears. The token price crashes to zero instantly. You’re left holding worthless coins.

How it works: The team controls a large portion of the token supply or the liquidity pool. Once enough money has flowed in from retail buyers, they pull the rug — usually in the middle of the night, across time zones.

Red flags:

  • Anonymous or pseudonymous team with no verifiable track record
  • No smart contract audit, or an audit from an unknown firm
  • Contract has a “mint” function (letting devs create unlimited tokens)
  • No locked liquidity — if LP tokens aren’t time-locked, they can withdraw instantly
  • Massive token allocation to the “dev wallet” (>20-30% is suspicious)
  • Launch on a DEX with no CEX listing roadmap and no legitimate utility

Real examples: The Squid Game token (2021) went up 45,000% before the team pulled $3.38 million. BALD on Base (2023) created and drained $25 million in a single weekend.

Protection: Use tools like Token Sniffer, Honeypot.is, and GoPlus Security to scan contracts before buying. Look for time-locked liquidity on Unicrypt or Team Finance. If you can’t find who built it or verify the audit — walk away.

2. Phishing Attacks

What it is: Fake websites, fake emails, fake Discord messages that trick you into entering your seed phrase or signing a malicious transaction.

How it works: Scammers clone legitimate websites pixel-perfect. They buy Google Ads for “Metamask wallet” that lead to fake login pages. They send emails from domains that look like “support@coinbase-help.com.” They create fake Discord bots that DM you with “wallet verification required.”

Red flags:

  • URL doesn’t exactly match the real site (check every character — coinbase.com vs coinbaase.com)
  • Email from a domain that isn’t the official one
  • Any message asking for your seed phrase, private key, or to “verify” your wallet
  • Urgent language: “Your account will be suspended in 24 hours”
  • DMs from “support” you didn’t contact

Real examples: A fake Uniswap phishing site collected $8 million in 2022 by targeting LP position holders with a fake airdrop. Coinbase phishing campaigns regularly steal millions.

Protection: Bookmark every exchange and DeFi site you use. Never click links from emails — go directly. Install MetaMask’s phishing detection (it’s built in). Never, under any circumstances, enter your seed phrase anywhere except when restoring a wallet on your own device.

3. Fake Airdrops and Token Approvals

What it is: Random tokens appear in your wallet. When you try to sell them or interact with them, they drain your wallet.

How it works: Scammers airdrop worthless tokens to thousands of wallets. The token’s contract has a “transfer” function that, when you try to swap it on a DEX, calls an approve function giving the scammer access to your real assets. In some cases, just visiting a scam website and “checking” your balance triggers a malicious approval.

This has evolved. Modern “drainer” scripts can drain an entire wallet’s ETH and ERC-20 holdings in a single transaction if you sign a malicious approval — often disguised as a normal “connect wallet” request.

Red flags:

  • Tokens you never bought appearing in your wallet
  • Any token offering “claim” mechanics that require approving a contract interaction
  • NFT airdrops with suspicious names or links in their metadata
  • DEX showing a large $ value for a token you don’t recognize

Protection: Never interact with unknown tokens. Don’t try to “sell” tokens you didn’t buy — the sell attempt is the trap. Use Revoke.cash to regularly audit and revoke token approvals. Treat any unexpected airdrop as hostile by default.

4. Pig Butchering Scams (Sha Zhu Pan)

What it is: The most psychologically devastating scam in crypto. Scammers build romantic or close personal relationships with victims over weeks or months, then guide them into fraudulent crypto “investment platforms” and drain everything they have.

How it works: The term comes from Chinese criminal slang — “fattening the pig before slaughter.” The scammer (often themselves a victim of human trafficking in Southeast Asian fraud compounds) contacts you on dating apps, social media, or even by “wrong number” texts. They build trust over weeks. Eventually they casually mention their crypto investments. They show you “profits.” They invite you to “try” their platform.

The platform is fake. It shows you gains. You put in more. You try to withdraw — and suddenly face fees, taxes, or verification requirements that require more deposits. By the time you realize it’s a scam, you may have lost tens of thousands. Some victims have lost their life savings, retirement accounts, and taken out loans.

Red flags:

  • Unsolicited contact from attractive strangers online
  • Quick emotional connection and trust-building
  • Investment advice or a “can’t miss” opportunity introduced organically
  • A specific platform or app they use (always a fake exchange)
  • Profits you can see but can’t actually withdraw

Real scale: The FBI received over 35,000 pig butchering complaints in 2023 alone, totaling $3.96 billion in losses. These numbers are widely believed to be under-reported.

Protection: Be deeply skeptical of unsolicited financial advice from anyone you’ve met online. If someone you’ve never met in person starts talking about crypto investments, that’s the signal. The platform they use will always be fraudulent.

5. Fake Celebrity Endorsements and Deepfakes

What it is: AI-generated videos of Elon Musk, Michael Saylor, Cathie Wood, or other well-known figures promoting a fake token or “giveaway.” Increasingly indistinguishable from real content.

How it works: Deepfake technology has made it trivial to generate convincing video of anyone saying anything. Scammers create YouTube livestreams with deepfaked Elon Musk promoting a Bitcoin giveaway. “Send 1 BTC, get 2 BTC back.” YouTube’s algorithm mistakes them for real content. Millions see them.

On social media, fake accounts clone the profiles of influencers and celebrities — same profile picture, slight username variation — to promote pump-and-dump tokens.

Red flags:

  • Any crypto giveaway (real people never “double your crypto”)
  • Livestreams where the speaker seems slightly off or robotic
  • Celebrity accounts promoting specific tokens with urgent buy pressure
  • Giveaway mechanics requiring you to send first

Real examples: Scammers using fake Elon Musk videos stole over $2 million in a single YouTube scam in 2023. The problem has intensified with better AI tools.

Protection: No legitimate giveaway ever requires you to send anything first. Not from Musk. Not from MicroStrategy. Not from anyone. That rule has zero exceptions.

6. Pump and Dump Schemes

What it is: Coordinated groups buy a low-cap token, hype it across Telegram and Twitter to drive retail buying, then dump their bags on those buyers.

How it works: A group acquires a position in a tiny-cap token nobody’s heard of. They then flood crypto Telegram groups, Twitter, and Reddit with hype: “This gem is 100x incoming.” As retail buys in and the price spikes, the group sells. The pump-and-dump can happen in minutes or be sustained over days with coordinated shilling.

Red flags:

  • Sudden explosion of social media attention for an obscure coin
  • Telegram/Discord groups that feel manufactured
  • Coordinated messaging about a coin from multiple accounts simultaneously
  • Coin with tiny market cap, locked or whale-concentrated supply

Protection: By the time you hear about a pump, you’re already late. Either the dump is imminent, or you’re being recruited to buy so insiders can exit. If the entire thesis is “this will go up because people are buying,” that’s not a thesis — that’s a bag pass.

7. Honeypot Tokens

What it is: Tokens with a contract that lets you buy but not sell. You watch the price go up, try to sell, and the transaction reverts. You’re stuck.

How it works: A developer deploys a token contract with a custom transfer function that blacklists all wallets except their own from selling. The price is artificially supported by their own buys. Once enough victims are trapped, they drain the contract.

Red flags:

  • Can’t find the token on Uniswap’s verified list
  • Only a handful of wallets holding
  • No external audit
  • DEX shows buy orders but no successful sell transactions in the contract history

Protection: Before buying any token on a DEX, run it through Honeypot.is — it simulates a buy and sell to see if selling is possible. Takes 10 seconds. Worth it every time.

8. Fake Wallets and Apps

What it is: Fake MetaMask, Trust Wallet, or Ledger apps on the App Store or Google Play that steal your seed phrase on setup.

How it works: Scammers submit near-identical apps to app stores with slightly different names. Users who search “MetaMask” find the fake one, download it, enter their seed phrase to restore a wallet — and hand it directly to scammers.

This also extends to fake Ledger apps on desktop — and even physical fake Ledger devices sold on Amazon or eBay.

Red flags:

  • App store listing with low review count or recent creation date
  • Reviews that seem generic or fake
  • Developer name that doesn’t match the official team
  • Hardware wallets purchased from third parties (always buy from the manufacturer)

Protection: Download wallets only from official websites or verified links. For MetaMask, that’s metamask.io. For Ledger, that’s ledger.com. Never download based on App Store search results alone. And always buy hardware wallets directly from the manufacturer — never Amazon, never eBay, never a reseller you don’t know.

9. Romance and Social Engineering Scams

What it is: Scammers building trust (not necessarily romantic) over time, then gradually manipulating victims into sending crypto or providing access.

How it works: This overlaps with pig butchering but covers a broader category. It includes fake crypto mentors in Discord who build credibility over months, then offer to “manage your portfolio” (and steal it). Fake friends in gaming communities who gradually introduce investment opportunities. Even fake job offers that require a crypto payment to “unlock” your earnings.

Red flags:

  • Anyone online offering to manage your crypto
  • Investment opportunities introduced after trust is established
  • Requests for any form of payment in crypto before receiving services/payment
  • Unusually high guaranteed returns with no explanation

Protection: Never give anyone else access to your wallet or funds for any reason. Legitimate investment managers are licensed, regulated, and don’t recruit on Discord. If someone’s been unusually kind and generous and the topic eventually turns to money — that’s the model.

10. Fake Job Offers and Crypto Task Scams

What it is: Fake job listings that pay in crypto for “tasks” — but first require an upfront deposit that you’ll never see again.

How it works: You get a job offer (often on LinkedIn, WhatsApp, or Telegram) to do simple tasks: rating products, “boosting” apps, watching videos. It pays in USDT. You complete tasks and see earnings accumulate in your account. But to “unlock” the earnings or advance to better-paying tasks, you need to deposit more funds. Eventually your “account” is frozen, the deposit is gone, and the scammers vanish.

This is particularly predatory because it targets people in financial difficulty looking for legitimate remote work.

Red flags:

  • Jobs that pay in cryptocurrency for simple digital tasks
  • Earnings you accumulate but can’t withdraw until you deposit more
  • WhatsApp or Telegram job offers from unknown contacts
  • Salaries that are suspiciously high for simple tasks

Protection: Legitimate jobs do not require upfront deposits. No real employer asks you to invest money to receive your salary. If the earning mechanism involves depositing crypto, it’s a scam — no exceptions.

General Rules That Apply to Everything

Slow down. Scammers manufacture urgency — “limited time,” “before the price pumps,” “act now.” Urgency is a manipulation tool. Real opportunities don’t expire in an hour.

Verify independently. When someone sends you a link or contract address, find it yourself through official sources. Don’t copy-paste from DMs.

Seed phrase = everything. Your 12/24-word recovery phrase is the master key to your wallet. Entering it anywhere except your own device to restore your wallet is an immediate zero.

If it sounds too good, it is. Guaranteed returns in crypto don’t exist. 100x yield on stablecoins doesn’t exist sustainably. Anyone who says otherwise is lying to you.

Use separate wallets. Have a hot wallet for interacting with new protocols and DeFi. Keep your main holdings in a cold wallet that you rarely connect to anything. Compartmentalizing limits blast radius.

FAQ

What should I do if I get scammed? First, revoke any token approvals immediately (Revoke.cash). If funds are gone, they’re likely gone — crypto transactions are irreversible. File a report with the FBI’s IC3 (ic3.gov), the FTC (reportfraud.ftc.gov), and your country’s equivalent. In rare cases where exchanges are involved, freeze/flag requests can intercept funds. Document everything with screenshots.

Are rug pulls illegal? In most jurisdictions, yes — securities fraud, wire fraud, and theft laws can apply. The challenge is that many rug pull teams are anonymous and operate across jurisdictions. Law enforcement has made arrests (the Frosties NFT rug, the Centra Tech case, the Mango Markets exploiter), but prosecution remains difficult and recovery is rare.

How do I check if a crypto contract is safe? Use a combination of tools: Honeypot.is (simulate buy/sell), Token Sniffer (automated audit scan), GoPlus Security (contract risk flags), and Etherscan’s contract read functions to check ownership, mint functions, and supply. For larger investments, read the actual audit report from a reputable firm (Trail of Bits, OpenZeppelin, Halborn, Spearbit).

Can stolen crypto be recovered? Almost never from a technical standpoint. Blockchain transactions are irreversible. However, if stolen funds hit a centralized exchange, law enforcement can sometimes freeze them — this is how some victims have partially recovered funds. On-chain analytics firms (Chainalysis, TRM Labs) work with law enforcement to trace stolen crypto. The success rate for recovery is low, but not zero.

Why are crypto scams so much worse than traditional financial scams? Three reasons: irreversibility (no chargebacks on blockchain transactions), pseudonymity (harder to identify and arrest scammers), and the global, 24/7 nature of the market (no bank hours to slow things down). Traditional finance has consumer protection infrastructure built up over decades. Crypto is still in the wild west phase of that development.