How to Avoid Crypto Scams: The Cornerstone Safety Guide

Crypto's biggest risk for most people isn't the market — it's getting scammed out of their coins. The good news: almost every scam relies on the same few tricks, and a handful of simple habits will protect you from nearly all of them. This is the guide we wish every beginner read first.

💡

The 20-second version

Scammers want one of two things: your seed phrase, or a transaction you send them. Never share your recovery phrase, never connect your wallet to a site you didn't seek out yourself, slow down whenever anyone creates urgency, and verify everything through official channels. If it sounds too good to be true, it always is.

How crypto scams actually work

Crypto is catnip to scammers for one structural reason above all: transactions are irreversible. There's no bank to call, no chargeback to file, no fraud department to claw a payment back. Once coins leave your wallet, they're gone — the way cash handed to a stranger on the street is gone. That single fact shapes the entire scam economy around crypto, and it's why fraud here is so much more punishing than a dodgy card payment you can dispute.

Once you see that, the dizzying variety of scams collapses into something far simpler. Strip away the costumes — the fake support agent, the friendly stranger, the too-good giveaway — and almost every scam is trying to get you to do one of just two things: reveal your seed phrase, or willingly approve a transaction that sends your funds away. That's it. Everything else is set dressing. Learn to spot those two underlying goals and the disguises stop working, because you stop reacting to the story and start asking, 'wait — is this trying to get my phrase, or get me to sign something?'

⚠️

This is education, not financial advice

Crypto is volatile and unregulated in many places, which is part of why scams thrive here. Only risk what you can afford to lose, never borrow to invest, and treat any 'guaranteed return' as a guaranteed scam. We make no price predictions and recommend no purchases.

The most common scams to recognise

These are the big ones you'll actually run into. They're listed not so you can memorise every variation — scammers invent new ones constantly — but so you start to feel the family resemblance between them. Notice how nearly all of them end with either your seed phrase or your signature:

Fake support / seed-phrase phishing — a 'support agent', usually appearing in a DM or a fake pop-up, asks you to 'verify', 'sync' or 'validate' your wallet by entering your recovery phrase. Real support never, ever needs it. This is the most common way people lose everything.
Phishing sites — a near-perfect copy of a real exchange or wallet, often reached through a sponsored search ad or a link in an email. You log in as normal and hand your credentials straight to the thief without realising.
Giveaway / doubling scams — 'send 1 ETH and we'll send 2 back', frequently dressed up with a fake celebrity video or a hacked account. The money you send never returns, because that was always the entire point.
Romance / 'pig butchering' — a warm, attentive stranger builds genuine-feeling trust over weeks, then gently steers you toward a fake investment app showing fake profits, until the day you try to withdraw and can't. These are patient and cruel.
Rug pulls and fake tokens — a shiny new coin or app that hoovers up deposits and then vanishes, developers and all. See how to spot a rug pull for the warning signs.
Malicious approvals / drainers — a slick site asks you to 'connect wallet' and sign a transaction that quietly grants it permission to move your tokens whenever it likes, draining you minutes or weeks later.

Red flags that appear again and again

Here's the liberating bit: you rarely need to correctly identify which exact scam you're facing. You just need to notice the warning signs they nearly all share. Scams are like a magic trick — endlessly varied on the surface, but built from the same few moves underneath. Spot the move and the trick falls apart:

Red flag	What they're hoping	What to do
Asks for your seed phrase	You'll hand over full control	Stop. It's always a scam.
Urgency: 'act now', 'account at risk'	You'll skip checking	Slow down and verify independently
Guaranteed or doubled returns	Greed overrides caution	Walk away
Unsolicited DM or 'support' contact	You'll trust the approach	Ignore; contact support yourself
Link to log in or 'connect wallet'	You'll enter details or sign	Type the URL yourself; don't click

If you remember only one line from this whole guide, make it this: urgency plus a request to act is the universal fingerprint of a scam. Genuine services and genuine opportunities can wait an hour while you check. Scams can't, because checking is exactly what kills them — so they manufacture panic to stop you doing it.

The habits that protect you

You don't need to be a security expert to stay safe — you need a few stubborn habits that you follow even when it's inconvenient, especially when it's inconvenient. These six between them shut down the overwhelming majority of attacks:

Treat your seed phrase as unshareable — full stop. No 'verification', no exception, no matter who's asking or how official it looks.
Reach websites by typing the address yourself or using a saved bookmark, never via search ads, emails, or links in DMs. Fake sites buy ads to sit right at the top of the results.
Slow down the instant something feels urgent. Scammers manufacture panic on purpose; legitimate services give you all the time you need.
Use a hardware wallet for any meaningful amount, so even a convincing phishing site can't move your funds without you physically confirming on the device.
Keep a separate 'burner' wallet holding only small amounts for trying new apps, and review and revoke old token approvals every so often.
Verify any surprising message through the official app or website you already trust and have used before — never through the link you were just sent.

✅

The 24-hour rule

If anything pressures you to move funds, send a payment, or 'act right now', give yourself a full 24 hours and a second opinion from someone level-headed. Almost no genuine opportunity evaporates that fast — but almost every scam does, which is precisely why they push you to hurry. The pause itself is your best defence.

If you think you've been scammed

First, breathe — and don't let shame stop you acting, because hesitation is exactly what the scammer is counting on. These frauds are professionally designed to fool smart, careful people, so being caught says nothing about you and everything about them. The priority now is to protect whatever is left and to avoid the second trap waiting for victims: 'recovery agents' who promise to get your money back for an upfront fee. That promise is itself a scam, targeting the same people a second time. Move quickly through these steps:

If you entered your seed phrase anywhere at all, assume the entire wallet is compromised. Create a brand-new wallet with a fresh phrase and move any remaining — and all future — funds there.
If you approved or signed something on a malicious site, revoke its token approvals from a wallet interface you trust, to cut off its permission to move your funds.
Change your passwords and switch on two-factor authentication on every exchange account, in case your login details were exposed too.
Report it to your local authorities and the platform involved — and firmly ignore anyone who slides in offering to 'recover' your funds for a payment. That is the follow-on scam, every time.

Make phishing far harder

A hardware wallet means even a convincing fake site can't move your funds without you physically approving on the device. The Ledger Nano X is our top pick — buy direct from the manufacturer only. We may earn a commission at no cost to you; it never changes our verdicts.

Check price →Affiliate link — we may earn a commission at no cost to you.

Key takeaways

Crypto payments are irreversible, which is why scams target it so hard.
Almost every scam wants your seed phrase or a transaction you approve.
Urgency, guaranteed returns, and unsolicited contact are universal red flags.
Type URLs yourself, use a hardware wallet, and never share your recovery phrase.

Frequently asked questions

Someone messaged me from 'official support' — is that ever real?

Treat unsolicited contact as a scam by default. Legitimate teams almost never DM you first, and none of them will ever ask for your seed phrase. If you have a genuine issue, contact support yourself through the official app or site you already use.

How can a website steal my crypto if I don't enter my password?

Some malicious sites ask you to 'connect wallet' and then sign a transaction that quietly grants them permission to move your tokens. Only connect to apps you sought out and trust, read what you're signing, and review your approvals regularly.

Can I get scammed funds back?

Usually not — crypto transactions are irreversible. Report it to the authorities and the platform, but be very wary of anyone promising to recover your money for an upfront fee. That's a follow-on scam preying on victims, not a genuine service.

The Latest Crypto Team

Independent crypto education · free for all

We built LatestCrypto because we were fed up with the scams, shilling and terrible advice that fill the crypto internet. Everything here is free, honest and made with love — no hype, no “trust me bro”, and we’ll never tell you what to buy. Spotted something we got wrong? Tell us, and we’ll fix it.