Guide . Security
How to spot a crypto scam and protect yourself
Most crypto is lost to forgotten passwords — but plenty is simply stolen. Here are the scams we see most, and the habits that stop them.
As a recovery company we meet people on the worst day of their crypto lives, and a painful share of those cases aren’t forgotten passwords — they’re thefts that were avoidable. This guide walks through the scams that actually work and the simple practices that defeat them.
Phishing and look-alike sites
The classic attack is a fake site that looks like the real one. Scammers register domains with swapped or accented characters — a Cyrillic letter that looks like a Latin one, or an extra character you won’t notice in a hurry — so binance.com reads as “binance.com” at a glance. Rules that defeat it: never click links in emails, DMs or ads to reach a crypto site; type the address yourself or use a saved bookmark; and check the full URL and the SSL certificate before entering anything, any that looks strange just leave the page immediately.
Fake recovery services
This one is personal, because scammers impersonate companies like ours. The tells are consistent: they contact you first (on Telegram, X, Facebook, Quora, Instagram), they guarantee recovery, they demand an upfront fee, or they ask you to enter your seed phrase or private key into a site or form. A real recovery service never does any of these. We never message people first, never take upfront payment, never ask for your full seed, and never sell “recovery software.” If someone using our name does, it’s an impersonator — and their goal is to drain the wallet you’re trying to save.
SIM swaps and the 2FA myth
SMS two-factor authentication feels safe and isn’t. Attackers clone or social-engineer your SIM — sometimes by tricking your carrier into issuing a replacement — then intercept the codes texted to “your” number. During busy conference seasons this has been used to target known holders directly. Protect yourself: add a port-out PIN or password with your mobile carrier, and use an authenticator app or a hardware security key instead of SMS wherever a service allows it.
Password reuse and credential leaks
When any site you use gets breached — and they do — the first thing attackers try is those same credentials everywhere else. If your exchange login matches your email login or a social account, one leak compromises all of them. Never reuse a login and password across critical services; give your exchange, the email tied to it, and your social accounts each a unique, strong password, ideally from a password manager.
DNS and network attacks
Even a correctly typed address isn’t always safe. In one well-known 2018 incident, attackers used a BGP/DNS hijack to reroute a popular wallet site’s traffic to their own servers; users who ignored a certificate warning and logged in sent their keys straight to the thieves, losing a substantial sum. The defence is boring but decisive: never dismiss an SSL/TLS certificate warning on a crypto site. If your browser says the certificate is invalid or from an unknown authority, stop — that warning is the system doing its job.
When sending, verify everything
A whole category of loss comes from address-swapping malware and simple haste. Always check the full receiving address, not just the first and last few characters, since clipboard hijackers replace it with a look-alike. Send a small test amount first when using a new address or network. And confirm you’re on the right chain before sending, because the same address can exist on many networks.
Extra care when travelling and at events
Crypto conferences and public spaces are hunting grounds. Known holders have been physically watched and socially engineered at events, and public Wi-Fi is trivial to snoop. Treat any device you use for crypto as a target when you’re out: avoid logging into exchanges or wallets on public networks, don’t discuss holdings with strangers who seem unusually interested, and be wary of “helpful” new contacts who quickly steer the conversation toward your wallets. The friendliest person at the bar is sometimes the most dangerous.
Your quick safety checklist
Boil it down to habits you actually keep: reach crypto sites only by typing the address or using a bookmark, never a link; use an authenticator app or hardware key, never SMS, and set a carrier port-out PIN; use a unique strong password for your exchange, its email and your socials; never dismiss a certificate warning; check the full receiving address and send a test amount first; and never, under any circumstances, enter your seed phrase into a website or hand it to someone who contacted you first. Do those, and you’ve closed the doors on the overwhelming majority of crypto theft.
Các câu hỏi thường gặp
Are hardware wallets safe from these scams?
Much safer, because the keys never leave the device — but you can still be phished into approving a malicious transaction or into revealing your seed. Buy only from official sources and never enter your seed anywhere.
How do I know if a recovery service is a scam?
Red flags: they contact you first, guarantee recovery, demand upfront payment, or ask for your seed phrase or private key. Legitimate services never do these — they work success-based and never need your full seed.
Is SMS 2FA safe for crypto?
Not really. SIM swaps let attackers intercept SMS codes. Use an authenticator app or a hardware security key, and add a port-out PIN with your mobile carrier.
Someone on Telegram says they’re from KeychainX — is it real?
No. We never contact people first on Telegram, X, Facebook or any platform, and never ask for credentials or upfront payment. Anyone who does is impersonating us.
What’s the single best habit to avoid scams?
Never click links to reach a crypto site — type the address or use a bookmark — and never enter your seed phrase into any website or form.
I ignored a certificate warning and lost funds — can you help?
If keys were phished, the funds are usually gone once moved. Recovery services help with lost access to your own wallet, not theft that’s already left your control.
Not sure if you’re being scammed?
If you’ve lost access to your own wallet (not to a scammer), that’s what we recover — success-based, nothing upfront. Reach out and we’ll tell you honestly.
