Red Flags: How Not to Get Scammed

In traditional finance, mistakes can often be corrected. A fraudulent credit card charge gets reversed. A misdirected bank transfer can sometimes be recalled. Bitcoin works differently.

Bitcoin transactions are final. Once a transaction is confirmed on the blockchain, no bank, no support team, and no government can undo it. The coins are gone. This irreversibility is one of Bitcoin's most important properties. It is also the precise reason why scammers specifically target Bitcoin users.

This article walks you through the most common scams in the Bitcoin space, the warning signs that reveal them, and the concrete steps you can take to protect yourself.

The One Rule That Protects Against Almost Everything

Before looking at specific scam types, there is one rule you need to internalize completely.

Nobody legitimate will ever ask for your seed phrase.

Not a wallet manufacturer. Not your exchange. Not Bitcoin support. Not a developer. Not a moderator. Not anyone. Your seed phrase is the master key to your entire wallet. Anyone who has it can drain your funds completely, instantly, and irreversibly. The moment someone asks for your 12 or 24 recovery words, the conversation is over. It is a scam.

This single rule protects against a large share of all Bitcoin fraud. Keep it in mind as you read through the types below.

The Most Common Bitcoin Scams

Fake Giveaways

Scammers hijack verified social media accounts on X or YouTube, or create convincing fake profiles. They post live streams or messages claiming that a well-known figure is running a limited-time Bitcoin giveaway. The offer is always the same: send some Bitcoin to a specific address and receive double the amount back.

This is impossible. No one is doubling your Bitcoin. Anyone who sends funds to these addresses loses them immediately. Deepfake video technology has made these scams increasingly convincing, with realistic videos of public figures appearing to promote fake events. If a giveaway promises to return more than you send, it is a scam.

Phishing Sites and Fake Apps

Criminals buy paid search advertisements that appear above legitimate exchange websites in search results. The fake sites are built to look identical to the real ones, down to the logo and layout. Users who log in hand their credentials directly to the attacker.

The same pattern applies to mobile apps. Malicious wallet applications have appeared in official app stores, designed either to steal seed phrases or to silently replace any receiving address you paste with the attacker's own address. Always access exchanges via bookmarks you set up yourself, never through search results. Download wallet apps only from links published on the official product website.

Impersonation and Fake Support

A user posts publicly about a problem with their wallet or account. Within minutes, someone in the replies or direct messages offers help. The supposed support agent asks the user to verify their account by entering recovery words on a specific website, or to send funds to a temporary address for investigation.

Legitimate companies do not contact customers through direct messages on Telegram, Discord, or social media. Their actual support teams do not ask for seed phrases or private keys under any circumstances. If someone reaches out to you claiming to represent a company's support, treat it as a scam unless you initiated contact through the company's official website.

Investment Scams and Ponzi Schemes

These scams promise consistent, high returns through automated trading bots, exclusive investment pools, or proprietary algorithms. The promised figures often range from 5% to 20% per month. Early investors may receive real payouts, funded by the deposits of newer participants. This is the classic structure of a Ponzi scheme.

The PlusToken project, which operated across Asia between 2018 and 2019, presented itself as a high-yield cryptocurrency wallet and is estimated to have collected approximately 200,000 BTC before collapsing, leaving hundreds of thousands of victims with nothing. Bitcoin itself generates no yield. Any platform claiming otherwise is either deceiving you or running a Ponzi scheme.

Romance Scams and Pig Butchering

This is one of the most psychologically damaging scam types. An attacker builds a relationship with the victim over weeks or months, typically through dating apps or social media. Once trust is established, they introduce an investment opportunity they claim to have personally benefited from.

The victim is guided to a fake investment platform where deposits appear to grow rapidly. When they attempt to withdraw, they are told to first pay fees, taxes, or verification deposits. These demands continue until the victim has no more money to send. The term "pig butchering" refers to the process of fattening a pig before slaughter. If someone you met online steers you toward an investment platform, treat it as a scam.

Recovery Scams

After losing funds, victims are often desperate and emotionally vulnerable. This is precisely when recovery scammers appear. They present themselves as blockchain forensics specialists, legal recovery firms, or technical experts with the ability to trace and retrieve stolen Bitcoin.

They charge upfront fees and deliver nothing. Some target the same victims multiple times. No legitimate service can recover Bitcoin that has been sent to a scammer's address. Anyone claiming otherwise is running a second scam against an already-harmed person. Report the original incident to your local police or financial regulator and do not pay further fees to anyone.

Job Scams and Money Mule Schemes

These scams advertise well-paid remote positions with minimal requirements. The role involves receiving payments into a personal bank account and converting them to Bitcoin for forwarding to another address. Participants are told this is routine financial processing work.

In reality, they are laundering stolen money. The legal term is money mule, and participation carries serious criminal consequences in most countries regardless of whether the person knew the origin of the funds. If a job description involves receiving money and converting it to cryptocurrency, it is either illegal activity or a setup to defraud you.

Clipboard Malware

This threat is less visible than most but highly effective. Malware on a compromised computer silently monitors the clipboard, the temporary storage used whenever you copy and paste. When it detects a Bitcoin address has been copied, it replaces it with the attacker's address before you paste.

The result is that a user carefully copies a correct receiving address but unknowingly pastes a completely different one when completing the transaction. Always verify the full receiving address on your hardware wallet's own display before confirming a send. Never rely on only the first and last few characters.

Scam Types at a Glance

Universal Warning Signs

Regardless of the specific scam type, the following signals should stop any engagement immediately.

Urgency and pressure. Phrases like "act now," "offer expires tonight," or "your account will be suspended" are designed to prevent rational thinking. Legitimate services do not manufacture artificial emergencies.

Requests for your seed phrase. The single most reliable indicator of fraud. There is no legitimate reason for any person or platform to ask for your recovery words, ever.

Guaranteed returns. Bitcoin is volatile. No legitimate service can guarantee fixed profits. Any promise of consistent, predictable returns is either a lie or a Ponzi scheme.

Unsolicited contact. Legitimate companies do not reach out first through direct messages. If someone contacts you proactively about Bitcoin or a related service, apply maximum skepticism.

Pay to receive. Any platform requiring a Bitcoin deposit before you can withdraw your balance is fraudulent. This includes requests framed as taxes, verification fees, or security deposits.

How to Protect Yourself

Use a Hardware Wallet for Significant Amounts

A hardware wallet stores your private keys offline, beyond the reach of remote attackers. Purchase one directly from the manufacturer's official website and nowhere else. Devices sold on third-party marketplaces may have been tampered with before delivery.

For a practical guide to choosing the right storage solution for your situation, see How to Store Bitcoin Safely.

Treat Your Seed Phrase as the Most Sensitive Thing You Own

Write your recovery words on paper or stamp them into metal for resistance to fire and water. Never photograph them, never store them in any cloud service, and never type them into any device other than the hardware wallet itself during a legitimate recovery process.

You can read more about why this matters in What Is a Seed Phrase?.

Bookmark Every Exchange and Service You Use

Never access cryptocurrency services through search engines. Fake paid advertisements are a primary source of phishing victims. Set bookmarks directly in your browser for every platform you use and navigate exclusively through those.

Replace SMS-Based Two-Factor Authentication

SMS-based 2FA can be bypassed through SIM-swapping attacks, where an attacker convinces your mobile carrier to reassign your phone number to a new SIM. Use a dedicated authenticator app or a hardware security key instead for any exchange account.

Always Send a Test Transaction First

Before sending a large amount to a new address, send a minimal amount first and confirm it arrives correctly. This takes a few minutes and costs very little in fees. It eliminates the risk of clipboard malware and address errors before they cause serious damage.

Verify the Full Receiving Address on Your Hardware Wallet

When sending Bitcoin, your hardware wallet displays the destination address on its own screen. Compare this address to the one shown on your computer, character by character. If they differ at any point, stop immediately. This is one of the most important habits a Bitcoin user can develop.

For a complete guide to self-custody, see Self-Custody Best Practices.

Three Historical Cautionary Tales

Mt. Gox: Not Your Keys, Not Your Coins

Between 2010 and 2014, Mt. Gox was the world's largest Bitcoin exchange, processing the majority of all global Bitcoin trades. Through a combination of security failures and mismanagement, the exchange lost approximately 850,000 BTC belonging to customers. When it filed for bankruptcy in 2014, users discovered that their exchange balance was not Bitcoin. It was a promise of Bitcoin, and one that could not be fulfilled.

The lesson applies beyond exchanges to any platform that holds your Bitcoin on your behalf. If you do not control the private keys, you do not own the Bitcoin.

PlusToken: Guaranteed Returns Always Signal Fraud

PlusToken operated across China, South Korea, and neighboring countries from 2018 to 2019, presenting itself as a smart cryptocurrency wallet that generated returns through automated trading. It attracted millions of users with monthly return promises of between 8% and 16%. The project was a Ponzi scheme. By the time authorities made arrests in mid-2019, the operation had collected an estimated 200,000 BTC alongside large amounts of other cryptocurrencies.

Bitcoin does not pay interest. A project that says otherwise is using your money to pay earlier investors.

The Ledger Data Breach: Your Personal Data Is Also an Attack Surface

In 2020, a security breach at hardware wallet manufacturer Ledger exposed the personal data of hundreds of thousands of customers, including names, email addresses, phone numbers, and physical home addresses. The hardware wallets themselves were not affected. However, the leaked database enabled a wave of precisely targeted phishing attacks.

Customers received convincing fake emails, text messages, and in some cases even physical mail containing replacement hardware wallet devices designed to capture seed phrases on first use. The breach shows that attackers can reach you through your personal data alone, entirely independent of your wallet security. A legitimate manufacturer will never contact you to request your seed phrase under any circumstances.

A Final Note

The Bitcoin space rewards knowledge and penalizes carelessness in equal measure. The scams described here are not rare edge cases. They are ongoing, industrialized operations that extract funds from thousands of people every month.

Understanding the patterns described in this article is one of the most valuable things you can do as a Bitcoin user. To continue building your foundation, Mistakes Bitcoin Beginners Often Make and Common Misconceptions About Bitcoin are the natural next steps.

Bitcoin's security model ultimately depends on the owner. No one else can protect your coins for you.