If you've just gotten into crypto, or you're about to, here's something a little uncomfortable to hear first: you're in the stage where you're most likely to get scammed. Not because you aren't careful, but because you haven't yet "seen" what these scams look like — and what scammers do best is dress a trap up as exactly the thing you want most right now: a sure-thing opportunity, a selfless mentor, an "official" alert. This piece isn't here to scare you. It does one simple thing: lay out the scams retail users actually run into, all at once, so you learn the faces in advance. For each type I'll tell you what it is, how scammers really operate, the one signal that lets you see through it, and where to find the full breakdown. Read this and you'll have a map in your head; after that, whichever one you meet, you'll be able to place it.
- Scams are endlessly varied, but there are only three families: those posing as platforms (fake sites/apps), those using human relationships (pig butchering/mentors/fake support), and those using on-chain mechanics (approval drains/address poisoning). Know all three and you have the big-picture view.
- They attack not your intelligence but your situation and emotions — loneliness, wanting to make it back, fear of missing out, trust in "official." What slips isn't the brain; it's the moment of temptation.
- The closest thing to a universal rule: any unfamiliar platform, link, or approval someone actively steers you toward, treat as a scam first, no matter how smooth it seems.
Why beginners get caught most in year one
This isn't a coincidence, and it isn't because beginners are "dumb." It's the result of a set of real, structural disadvantages stacking up.
First, you have no frame of reference. A veteran glances at an interface, checks a domain, reads two lines of pitch, and knows from experience what's off; you've never seen what "normal" looks like, so you naturally can't pick out the abnormal. That information gap is exactly what scammers want — their clone sites, faked profit screenshots, and theatrical "support" scripts are purpose-built for people who haven't seen it all. Second, you're in a hurry to get going. New arrivals often have a pent-up urge to open an account, make their first buy, and catch up to everyone else making money. That "I need to get moving" mindset makes you choose to believe right where you should stop and verify. Third, your sources are a mess. You may have come in through some group, a short video, or a "helpful stranger" — and those entry points may themselves be a scammer's careful setup.
Put the three together and the conclusion is sobering: when beginners get scammed, it's usually not a character flaw or an intelligence problem — it's not having built a coordinate system for judgment yet. The good news: that system can be built fast — and this piece you're reading is helping you build it. Learn all these scams and you've skipped the part of experience other people paid tuition for.
The psychological levers scammers all use
Before we take apart specific scams, one thing to make clear: they look wildly different, but underneath they pull the same few levers. Recognizing the levers beats memorizing the name of each scam — because names change, levers don't.
- Manufactured urgency. "Limited spots," "closes tonight," "miss this wave and it's gone." The moment someone is pushing you to decide right now without time to check, that itself is the strongest danger signal. A real opportunity is never afraid of you taking your time.
- Borrowed authority. Impersonating exchange officials, support, a "successful mentor," a group admin. People have an instinctive deference to "official" and "authority," and scammers wear exactly that skin.
- A taste of sweetness. They let you feel a small real benefit first — a small withdrawal really goes through, the airdrop really arrives, the first "signal trade" really makes money. That taste is the bait: real money spent to buy your bigger money later.
- Exploiting emotion. The lonely want company, those who've lost money want to recover, the once-scammed want it back. Scammers step precisely on your softest spot.
How these levers work inside your head, we go deeper in why crypto scammers target you: 9 psychological manipulation tactics. You'll find that once you see the playbook, a lot of formerly "tempting" moments turn into "wait — which lever is this?" alertness. That's the first line of defense.
Family one: scams posing as platforms
What this family shares: the scammer disguises itself as a "place" you trust. You think you're dealing with an exchange, an app, an official email — but the other side is the scammer's back end. These rank highest in danger because they often take your account or principal in a single move.
1. Cloned phishing sites & fake exchanges
You want to log into your exchange, do a quick search, and click the top result — the domain looks about right, the page is identical to the real one, even the support pop-up is there. You enter your username, password, and code, and it says "login failed, please retry." In reality you just handed all of that, untouched, to the scammer's back end. That's a phishing clone: it doesn't need to hack your computer, just build a look-alike shell and wait for you to deliver the keys. Spot it instantly: the domain is off by a letter, has an extra hyphen, the wrong suffix (a weird TLD instead of .com), or you arrived via a search ad or a link someone sent — any one of those three and you don't type your password. The right move is always typing the official domain yourself or using a bookmark. For US-listed firms you can also confirm via FINRA BrokerCheck. → Full breakdown: cloned phishing sites & fake exchanges
2. Cloned apps (fake OKX / fake Binance)
Nastier than a fake site is a fake app. Someone sends you an installer or an "insider download page," with a reason like "the store version has problems" or "this is the exclusive channel, more features." You install it, the interface is flawless, deposits and prices and orders all work — until you try to withdraw and the money's stuck, or the whole app suddenly won't open. At heart it's a shell for collecting money, and your "balance" is just numbers on a screen. Spot it instantly: any "exchange app" installed not from the official app store but via a link or installer — don't install it; one that tells you to "turn off your phone's security check before installing" is an instant block. To use a given exchange's app, only search the App Store / Google Play, and check the developer name. → Full breakdown: cloned apps
3. Fake support & "account unfreeze" scams
You might get a call, a DM, or — while searching "exchange X support phone number" — a number, with the other end claiming to be exchange support: "we've detected suspicious activity / possible money laundering / your account is about to be frozen, you need to cooperate." Then they walk you step by step — move coins to a "safe account," read out the code from your phone, "verify your identity" on some page. The pacing is professional and leaves you no room to think. Spot it instantly: real exchange support never calls or DMs you first, and never asks for codes, transfers, or screen-sharing software. The moment someone contacts you out of the blue and makes those requests, however urgent it sounds, hang up. Genuine financial bodies like the FTC also stress: no real agency asks you to move money to "keep it safe." → Full breakdown: fake support & account-unfreeze scams
4. Phishing texts & fake official emails
"Suspicious login on your account, click to verify," "your KYC is about to expire, please update soon" — these texts and emails get more convincing all the time, spoofing the sender display name, logo, and layout. Their only goal is to lure you onto that phishing clone to type your password, so they work hand in glove with scam #1. They exploit your fear of trouble: see an account problem and the instinct is to fix it fast. Spot it instantly: don't tap any link in an email or text. To check account status, open the official app yourself or type the official domain by hand. Make "any notification that wants me to log in via a link is fake by default" your reflex. You can also forward suspicious texts to 7726 (SPAM) in the US. → Full breakdown: phishing texts & fake official emails
This whole family has one shared cure
Fake site, fake app, fake support, or fake email — they all need you to act "through an untrusted entrance." Lock the entrance and half the family dies: log in only via a bookmark or by typing the official domain, install apps only from the official store, verify every notification by going into the app yourself, and never tap a link someone hands you.
Family two: scams using human relationships
This family doesn't attack systems — it attacks the trust between you and "people." The scammer first becomes some role in your life — a romantic interest, a mentor, an elder, a group member, even a "fellow victim" — then uses that relationship to walk you into the pit step by step. These tend to run long and run big, because the emotional groundwork is worth the price.
5. Pig butchering & "signal mentors"
This is the most typical, and most damaging, of the family. The scammer first builds a relationship with emotional weight — maybe someone you click with on a dating app that slowly becomes an online romance, maybe a "selfless mentor who wants to bring you along" in an investing group. After a while, they "casually" reveal they made money through some channel; you're tempted, and they suggest "start small to try it." You do, the numbers really climb, withdrawals really arrive — and your last doubts dissolve. So you put in more and more, and when you try to pull the big money out, the platform demands you "pay tax to unfreeze" or "top up margin," until one day the person and the platform vanish together. "Signal mentor," "VIP call group," "insider tips" are just the costumes; the skeleton is identical. Spot it instantly: any time someone you met online (however close it feels) leads you to an unfamiliar investment platform, treat it as pig butchering no matter how smooth the start; the appearance of "pay tax to withdraw" is basically the verdict. → Full breakdown: pig butchering & signal mentors
6. Telegram fake-admin DM scams
You ask a question in the official group of some project or exchange, and within minutes an account whose avatar and name look almost identical to the "admin / support" DMs you first: "Hi, I'm official support, let me help you." You can already guess the script — they steer you to click a link, connect your wallet, send a "verification deposit." The scammer relies on your in-group complacency: "this is the official venue, the people here should be trustworthy." Spot it instantly: real official admins and support never DM you first. If an "admin" in a group messages you first, you can pretty much call it impersonation; if there's a real problem, go back to official channels and use the public support entrance. → Full breakdown: Telegram fake-admin DM scams
7. Fake high-yield rebates & Ponzi schemes
"Deposit and earn 0.3% daily," "lock-up staking with annual yields off the charts," "recruit one more person and earn another bonus layer" — it sounds like money for nothing, and it's the classic Ponzi structure: it produces no real yield, it just pays earlier members' "interest" out of later members' principal. Early on everything's normal and withdrawals are smooth, so early entrants genuinely help recruit. But the moment new money slows or the operator decides they've grabbed enough, withdrawals collapse and everyone's principal is buried together. Spot it instantly: a promised fixed high return + reliance mainly on recruiting people appearing together is basically a stamp. Any "guaranteed profit" or "principal-protected high yield" pitch is a danger word in crypto. The SEC and CFTC repeatedly warn that "guaranteed returns" don't exist in legitimate investing. → Full breakdown: fake high-yield rebates & Ponzi schemes
8. AI quant & auto-copy-trading scams
These two years it put on the trendiest costume: "our AI quant bot auto-arbitrages, 99% win rate," "put your money in, follow the robot, do nothing." It uses "high tech" and "automation" to explain that absurdly high return, making it look more credible than a bare Ponzi. But one question breaks it: if the robot is so magical, why not get quietly rich alone instead of pulling you in to share? Peel off the "AI" and the core is the same as a Ponzi — lure your deposit, pay old interest with new money, then run. Spot it instantly: anything that credits a high return to "AI / quant / arbitrage" and wants you to deposit into its designated platform, treat as a reskinned Ponzi. Real quant funds don't recruit retail in chat groups. → Full breakdown: AI quant & auto-copy-trading scams
9. USDT "recovery / unfreeze" second-wave scams
This one is especially vicious because it preys on people already hurt. After being scammed, you may be desperate to recover the loss — and that's when "cybersecurity firms," "rights-protection teams," and "tech gurus" appear, claiming they can recover your stolen money or "unfreeze" your "frozen" USDT, as long as you first pay a "fee / deposit / service charge." Clinging to a last hope, you pay — and get cut a second time. Victim lists are themselves a resource traded in the criminal underground, so the second cut often follows the first quickly. Spot it instantly: anyone who "charges a fee first to help you recover / unfreeze" is a second-wave scam. There's only one legitimate path to recovery — reporting to law enforcement — and police never charge you an upfront fee. → Full breakdown: USDT recovery / unfreeze scams
The one line to burn into muscle memory for this family
No legitimate platform or institution on earth asks you to pay money in first before you can withdraw or recover your own money. "Pay tax to unfreeze," "post margin to unlock," "pay a service fee to recover" — the moment any of these appears, it's harvesting or re-harvesting. The move then is to stop immediately and preserve evidence, not scrape together more money.
Family three: scams using on-chain mechanics
Once you start using a wallet and touching on-chain assets, you'll meet another kind of scam. They don't steal your password — they exploit the blockchain's "once confirmed, irreversible" nature to get you to sign an approval yourself, or transfer to the wrong address. The technical bar sounds high, but the way to spot them is plain.
10. Fake airdrops & wallet-approval drains
You get a message that a project is airdropping something valuable — just connect your wallet to "claim." The page looks legit, you connect, it pops up an approval request, you tap "confirm" without reading closely — and seconds later your wallet's assets are emptied in one shot. The problem was that "approval": you thought you were claiming an airdrop, but you actually granted the other side permission to move a certain token in your wallet. Spot it instantly: when claiming an airdrop or doing a task, be highly wary of anything that requires you to "sign an Approve" to continue; refuse any signature you don't understand; don't even touch airdrop tokens of unknown origin, let alone interact on the site they give you. Before any wallet interaction, ask: "what exactly does this signature authorize?" → Full breakdown: fake airdrops & wallet-approval drains
11. Address poisoning & zero-transfer scams
This one plays on your copy-paste habit. The scammer first generates an address whose first and last few characters closely match the address you usually receive to, then sends a $0 (or tiny) transfer to your wallet, "dropping" that record into your transfer history. Next time you transfer, if you take the lazy route and copy the address from your history, you may well copy the scammer's look-alike and send your money to them. Spot it instantly: always verify the full transfer address, at least the first and last 6 characters — don't just glance at two or three; don't copy addresses from your transfer history, use a saved address book or the address the other party sends live, and compare character by character after pasting. → Full breakdown: address poisoning & zero-transfer scams
12. Fake presales & rug pulls
Presales of new tokens and projects are the worst-hit area for this scam. A "rug pull" comes in two shapes. In one, you can buy the token but can't sell it — the contract is rigged so only the team can sell. In the other, more direct one, the team yanks the liquidity from the pool right after you've all bought in, the price instantly goes to zero, and they disappear. It's usually wrapped in "100x potential," "early-bird gains," "miss it and wait ten years" — preying on your fear of missing out. Spot it instantly: keep your distance from new tokens that have no real product, lead with "buy early, get rich early," and whose contract and team you can't trace; buy-but-can't-sell, and liquidity that can be pulled unilaterally, are both fatal signals. Beginners especially should never bet money they can't afford to lose on a presale. → Full breakdown: fake presales & rug pulls
Put all twelve side by side and you'll see they keep pulling the same few levers — just in different outfits. That's exactly why "knowing the types" beats "memorizing the details": next time a fresh variant you've never seen comes along, you can still classify it and place it fast. If you want to quickly test which type something in front of you belongs to and how dangerous it is, run it through the scam self-check in about 30 seconds.
A universal anti-scam framework: run any "opportunity" through it
Knowing all the scams is your defensive map, but in an actual situation what you need is a process you can use on the spot, without relying on memory. Scams change, the process doesn't — whenever any "opportunity," "alert," or "let me make you money" thing appears, run it through this sieve first, and most pits fall out on their own.
The core is a few questions: who reached out to me first? Is it rushing me to decide now? Does it ask me to go to an unfamiliar platform, click an unfamiliar link, sign an unfamiliar approval, or pay money first? Is the promised return abnormally high? Can it withstand me stopping and verifying independently through an official channel? If even one or two of these flash red, it's time to hit pause. Making this set of questions a habit beats the four words "be more careful," because it shifts the judgment from "I feel this person is good" to "is the process right." The complete version is in our universal 7-step anti-scam framework — read it, bookmark it, and pull it out to check against when something happens.
Install a "delay switch" for yourself
Nearly all scams fear the same thing: time. So set yourself an iron rule — anything money-related that wants you to decide "now, immediately, right away," sleep on it 24 hours first. It's so simple it barely sounds like an anti-scam technique, yet it blocks a sizable share of impulse-driven scams. The harder a scammer pushes, the more it signals you should hit that switch.
If you've been scammed, what to do first
No amount of anti-scam reading guarantees you'll never get caught; if you do, what you do next directly decides where the loss stops. Every step here is about stopping the bleeding, not "finding a way to get the money back" — that last bit is exactly the second cut scammers are waiting to make.
Step 1: stop immediately, don't send another cent
No matter whether they say "one more payment and you're unstuck," "pay the tax and you can withdraw it all," or "top up a margin account to unfreeze," don't invest more. At this stage, sending money isn't recovery — it's being harvested further. Shut this gate first.
Step 2: preserve all evidence
Screenshot: chat logs (especially the parts about investing, transfers, and pressure to pay), the other party's accounts and handles, the platform's domain and app, and every transfer record with the recipient address/account. These are key to reporting and any possible tracing — lose them and they're hard to recover.
Step 3: report with evidence as soon as possible
The bigger the amount or the more cross-border the transfers, the sooner you report. Don't skip it because it feels "embarrassing" or "unrecoverable" — reporting is the only starting point for a legitimate trace. In the US, file with the FBI IC3 (ic3.gov) and the FTC (reportfraud.ftc.gov); if a financial product or bank was involved, you can also complain to the CFPB. In the UK, report to Action Fraud. Law enforcement never charges you an upfront fee.
Step 4: protect yourself, don't take the second cut
After being scammed, someone will quickly appear offering to "recover it for you." As covered above, that's almost always a second-wave scam working off victim lists. What you need at this stage is calm and support, not another "hope."
The full loss-stop, evidence, and reporting process, plus how to take care of your emotional state afterward, is written up in already scammed? loss control, evidence, and reporting. If you're in this moment right now, take a breath, then work through it step by step — this isn't your fault, and stopping the loss is the most important thing right now.
Prevent at the source: pick the right platform, confirm official
By now you've probably sensed it: the vast majority of scams are built on "you walked through the wrong door" or "someone led you somewhere unfamiliar." So the lowest-effort defense is to guard the source — take only the legitimate, official route from the start. Get this right and a large share of the scams above can't even reach you.
How do you judge whether a platform is legit? Don't just take someone's "this one's safe / that one's a scam" — learn to look at verifiable dimensions yourself: is there a real, checkable operating entity and compliance info, are the official domain and app crystal clear, are deposits and withdrawals smooth and transparent, does support run through public, proper channels. We've gathered this judgment method in how to judge whether an exchange is legit, which also includes an official-domain reference table for major exchanges, and notes on confirming regulation via FINRA BrokerCheck or the FCA register.
Down to specific platforms, the two beginners ask about most are OKX and Binance. Both are mainstream top-tier exchanges, and the real trap usually isn't them but the "fake OKX" / "fake Binance." If you want to check for yourself whether OKX is legit and where the pitfalls are, see is OKX a scam? learn to vet an exchange yourself first; for how to weigh the two on safety, see OKX vs Binance: how a beginner should choose on safety. If you do decide to open an account, walk through every anti-scam point in how to sign up for OKX safely — especially confirming the official domain, downloading the app only from the official store, enabling 2FA, and setting a withdrawal whitelist.
For "confirming official," there's one very practical little tool. Worried whether the page you clicked into is a clone? Compare it with the official domain checker; to systematically check whether you've got the basics covered, run through the crypto beginner anti-scam safety checklist; and if you're a total beginner who wants to stay safe from your very first buy, how to buy your first crypto without getting scammed flags the pitfalls at every step — picking a platform, downloading the app, deposits/withdrawals, and your first trade.
Make "confirm official" muscle memory
For all the words, source defense boils down to a few actions: log in only by typing the official site or using a bookmark, install apps only from the official store, verify every notification by going into the app yourself, and never tap a link someone sends or install an installer someone gives you. Do these and the whole family of fake sites, fake apps, fake support, and phishing texts basically can't reach you.
FAQ
There are so many crypto scams — which should a beginner guard against first?
By how often they actually happen, your first year should focus on three. First, fake platforms — cloned exchange sites and fake apps, where you think you're using a major exchange but your deposits went to a scammer. Second, social engineering — typically pig butchering and signal mentors, who build a relationship or take you on as a student, then move you to an unfamiliar platform. Third, the recovery / unfreeze second-wave scam after you've already lost money. These three cover most real retail losses; learn them all and you've blocked most of it.
I'm not greedy or stupid — why would I still get scammed?
Because most crypto scams don't fight your intelligence. They target your situation and emotions — companionship when you're lonely, hope of "making it back" when you're down, posing as "official help" when you panic. The moment what you're judging becomes "a person I trust" or "an official notice," your brain instinctively lowers its guard. That has nothing to do with being smart, and admitting it is exactly what lets you hold mechanical rules.
Is there one line that blocks most scams?
The closest to universal: any unfamiliar platform, link, or approval that someone newly met — a stranger, a contact, a mentor, support — actively steers you toward, treat as a scam by default no matter how good it sounds or how smooth the start. Add one more: any claim that you must "pay money in before you can withdraw your own money" (tax, margin, an unfreeze fee, a service fee) is almost always a harvesting signal. Hold those two and you've dodged most of it.
The scammer says we're operating on "OKX" or "Binance" — can I trust that?
Don't go by the name alone. Scammers love borrowing big exchanges' brands — a near-identical clone site, or a fake app installed from outside the store, so realistic you only realize you can't withdraw after depositing. The real trap usually isn't the major exchange itself but the "fake OKX" / "fake Binance." There's only one way to judge: type the official domain yourself, only download apps from the official store, and never tap a link someone sends. We have a dedicated checker and judgment guide for confirming official domains.
I've already been scammed — what should I do first?
Three things, in order. First, stop immediately — don't send another cent, regardless of "one more payment unlocks it" or "pay the tax and you can withdraw it all." Second, preserve evidence — screenshot chat logs, the other party's account, the platform's domain and app, every transfer record. Third, report with that evidence as soon as possible — in the US, file with the FBI IC3 (ic3.gov) and the FTC (reportfraud.ftc.gov); the bigger or more cross-border the amount, the sooner. Meanwhile, beware anyone who appears offering to "recover your losses" — that's almost always a second-wave scam working off victim lists.
Is ScamLens OKX official? What's that 20% about?
No. ScamLens is an independent crypto anti-scam guide and also an OKX affiliate partner. If you sign up for OKX through this site's official sign-up route, you can get a 20% trading fee discount — note that's a discount on trading fees, not an investment return and not cashback; it's provided by OKX, the rate may change under OKX's official policy, and OKX's terms prevail. This site takes no fee from you and gives no investment advice.
If you really want to trade crypto, use only the legitimate route you chose yourself
By now you've learned the faces of the scams retail users hit most, and you have an on-the-spot judgment process. The rest is putting it into action: touch no unfamiliar platform anyone recommends, use only a major, regulated exchange you chose independently, through its official route. OKX is one mainstream exchange; if you're going to start, you can reach it via the official sign-up route below, and its official domain is okx.com.
Keep following this map
- Why crypto scammers target you: 9 psychological manipulation tactics — understand the few human levers behind every scam.
- The universal 7-step anti-scam framework — the on-the-spot sieve to run any "opportunity" through.
- How to judge whether an exchange is legit — pick the right door at the source, with an official-domain reference table.