Common Hacks, Scams and Other Stuff You Should Be Aware of in the Crypto Sphere

In a decentralized world, being your own bank while making it extremely easy to trade is a double edged sword. There is no customer service to call to when there's a technical issue, having a debit card/wallet blocked or any other support issues. This makes crypto investors a good target for any kind of attackers. With all kinds of malicious things happening to holders, let's narrow down the list to the main 3 types: Greed, Hacks & Obliviousness.


This is a consequence of the human mentality and FOMO (Fear of Missing Out). Greed scams are usually the most common. The top 3 are:

Giveaways: This is where a scammer asks you to send them an amount of crypto and says they will send back double or more. Only after you realize the money is never coming back to you. Never believe in any of these promises, even if the sender/attacker is seemingly legit.

Ponzi Schemes: These are easily detectable by noticing abnormal APY (interest) rates. They offer you staking rewards higher than the competition and general market standards. They also offer you different tiers and bonuses if you refer to other investors. Never trust these. If you want to go down a Ponzi scheme rabbit hole, check out Bitconnect.

"Pump and Dump" Groups: These are groups of early buyers that try to bring in newbies as a "bait" to try to drive the price up. They often create these so-called “VIP” groups of big investors and invite regular community members to work together in order to pump a "random" token that of course, the group owners had already invested in it days prior. Once the price reaches their target ("pump"), they exit sell their huge bags ("Dump") before anybody else at the cost of newcomer’s money.


These are result of some clever hackers putting their tech skills to work in order to steal your crypto:

Fake Wallets: There are tons of fake crypto wallets with unbelievable similarity to legit ones. They also have fake comments and upvotes in all the app stores. If you ever install one by mistake and deposit your crypto or enter your seed phrase into then, well, consider your crypto gone. The software will instantly suck up your crypto all the way to their wallets and you can do nothing but report the app in hopes that it gets taken down.

Solution: Look for legit developer names and app rankings or visit the product's website directly to download the wallet. For geeks, verify the checksum if available.

Address Malware: These are often malicious programs that are injected into your computer when you download free software or play one of those "free games". As you copy your personal address from somewhere, like an exchange, the malware overwrites your clipboard with the hacker’s address, sending the crypto to the hacker instead of yourself.

Solution: Double or Triple check the address you pasted before clicking the "send" button.

Phishing Scams: These are hacks where a malicious website or URL shows up in your chat or emails, which might look legit but isn’t. Hackers take advantage of unicode characters and set up websites in which the URLs are same as the original while also using the exact same UI. Once you try to login and enter your credentials, hackers will take those credentials and log in to your account and later steal your funds or even worse, transfer tainted BTC to your wallet and sell.

Solution: Check URL security SSL certificates. Use 2FA, preferably an app rather than an SMS 2FA (In case of SIM swaps).


These are usually the results of pure unawareness or incompetence on the holder’s side.

Seed Phrase Storage: Almost all wallets always ask the holder to write down their seed the first time you set it up and chuck it away at some safe place. But some people can be so careless that they just take a screenshot of it or save it as an email draft or in the cloud. This is a huge compromise and you may lose your crypto if you choose to do this. All the glory of “Crypto” in cryptocurrency is lost if you as a holder don’t make the effort to safeguard your wallets or finances.

Solution: Write it down in physical form and make copies, laminate the paper, store them at different trusted places safely and if your funds are huge, get a safe!

Not Using 2FA: Two-factor authentication (2FA) is almost becoming the norm these days just like email verification was 5-10 years ago. By not using 2FA, you are just waiting for a hacker to get a hold of your credentials. It is as simple as scanning a barcode in an app…Make it your priority!

Solution: Make sure you enable 2FA and preferably app-based. SMS based are vulnerable to SIM Swap.

Revealing your Holdings: We all can admit that sometimes we are excited by our gains and want to flex them over our friends. Well, it isn’t worth it. It's always better to assume that every trustworthy person you share the news with, might have a not-so-trusting person around them that can target you and go after your gains.

Solution: Never reveal your crypto gains to anyone, if you already did then hopefully you will learn from your mistakes.

That’s it people, we think we mentioned all the prominent scams. If anyone thinks we missed any other important one, please share it in the comments below and we will add them to the list!

SpyWolf is a crypto security platform that helps bring trust and eliminate monetary fraud in the DeFi industry. Join our TG: