28 Apr 2025

light mode

Social Engineering in Crypto: Top 5 Fraud Schemes

A recent hacking incident has highlighted that while fraudsters’ tactics may vary technically, their underlying principles are remarkably consistent. In today’s digital landscape, recognizing emerging scam tactics is an essential skill for any crypto users.

On this page

Ayush Gupta, a developer affiliated with Polygon, BlackRock, and KGeN, became the target of cybercriminals who used social engineering and malware to access his digital wallet and subsequently misuse it.

Ayush was approached on LinkedIn by an individual named Nickolas Donoso, who proposed a freelance collaboration. Donoso requested that Ayush execute a repository file on GitHub and share his insights. The developer noted, the repo looked fine at first glance,” which prompted him to engage with it.

Upon executing the file, Ayush's macOS displayed a system notification: “Security wants to use your confidential info stored in chrome safe storage in your keychain.” This immediately aroused Ayush’s suspicions, leading him to delete the file and restart his system.

He then verified his wallet's balance using Etherscan, reassuring himself that the funds were intact (spoiler—it was not).

The perpetrator had merely convinced Ayush that his assets were safe: “If he had access to my wallet, he would have already stolen my money,” Ayush reasoned, thus he did not move his cryptocurrency from the compromised wallet to a safer location. The scammer was simply biding time: while Ayush was checking Etherscan, the thief already had access to his funds. Within the first five minutes of the attack, the scammer extracted $14,400 in cryptocurrency. He also managed to sell several NFTs and converted some assets to ETH. 

Unauthorized transactions including the withdrawal of NFT#2222, BADGER, and ALI from the victim’s wallet. Source: nansen.ai

Unauthorized transactions including the withdrawal of NFT#2222, BADGER, and ALI from the victim’s wallet. Source: nansen.ai

As a result of a 5-hour cyber attack, the total damage amounted to $16,970. Ayush lost all of his capital invested in cryptocurrency.

It's important to note that this scam on LinkedIn is not an isolated case. Fake recruiters might also send phishing links, request personal documents for KYC procedures on trading platforms, or ask for payments to cover the “delivery” of corporate equipment.

Victims can encounter virus-infected files under various circumstances: while interacting on dating sites, in crypto community chats, or in comments under Telegram posts. The context varies based on the scamming technique used by the fraudster.

Social Engineering Attacks in Crypto  

This developer's ordeal is not unique. Comparing the first half of 2023 with the same period in 2024, the scale of fraud has escalated: losses categorized as “stolen funds” reached $1.58 billion (up from $857 million the previous year), and losses from “ransomware” amounted to $459.8 million, nearly unchanged from the previous year’s $449.1 million. 

Advanced cybercriminals, including IT workers linked to North Korea, are increasingly leveraging off-chain methods, such as social engineering, to steal funds by infiltrating crypto-related services

according to a report by Chainalysis.

The role a scammer can play is limited only by their imagination. They could pose as a recruiter, a crypto exchange analyst, or even a romantic interest—each disguise is carefully tailored to their scheme. Users need to be vigilant and able to recognize these tactics to avoid falling victim to fraud. 

Scheme #1: The Pity Me Strategy  

To win someone's sympathy and favor, play on their emotions. If you're seeking romance, open up about your personal challenges; if you're aiming for a promotion, let your boss know about your financial struggles; if you're looking to build a large following on X, discuss your financial hardships like bankruptcy.

Icon of Sympathy: Puss in Boots. Source: fandom.com

Icon of Sympathy: Puss in Boots. Source: fandom.com

Posts where authors claim financial ruin, hacks, or being victims of scams quickly amass thousands of views. For many, these narratives significantly boost their media profiles; some even fabricate their own victimhood, such as pretending to be robbed, to draw new followers. For others, it becomes a method to engage in illicit activities.

Scammers often fabricate dramatic stories like liquidating $100,000 on meme coin trades, losing all their funds to a phishing attack, or asset losses due to a hacked cross-chain bridge. Their goals typically include:

  • Attracting an audience: The initial, seemingly harmless goal is to gain followers—unsuspecting users subscribe to the “victim” and occasionally see their posts in their feed.
  • Generating income through donations: The act of soliciting sympathy donations has reached a new level with statements like, “We only accept crypto.”
  • Pushing phishing links and fraudulent projects: Authors of these posts might endorse a “fantastic” service that allegedly helped them recover their funds. In hope of retrieving their losses, users might follow these phishing links, only to end up in a worse situation.

The prevalence of such posts often increases in tandem with unpredictable events in the crypto market, such as the FTX collapse, the Atomic Wallet hack, or the altcoin market downturn in April 2024. These events impact a large number of people, thus increasing the number of users with similar, often fabricated, stories. 

Scheme #2: The Friendly Chat Strategy  

This social engineering tactic frequently targets men, exploiting their weaknesses for easy money and female attention. An unsuspecting victim might start a conversation on a dating site like Badoo or Tinder and, within a few days or weeks, be lured into becoming a “crypto investor.”

The scammer builds trust with the victim and later suggests signing up on a scam-controlled exchange (to steal confidential data), investing in fraudulent tokens, or making a donation. These actions are often motivated by promises of a personal meeting, sharing photos, and continuing the conversation.

Interestingly, the FBI recently recovered $5 million for victims of this very type of scam.  

Scheme #3: The Crypto Mentor Ruse  

It may seem that the era of phone scams is long gone as people increasingly use caller ID services like Getcontact, refrain from disclosing the three digits on the back of their bank cards, and avoid sharing confidential information with strangers. Public awareness of such scams has indeed increased, yet fraudsters have developed more sophisticated schemes.

For example, advertisements promising easy earnings in crypto may entice a victim to leave their phone number for further discussions with a “consultant.” This individual is not a genuine consultant but a well-trained scammer skilled at pressing the right psychological buttons. Even if the victim suspects a scam, this expert manipulator can convince them otherwise.

Incentives for investing could include:

  • The launch of a token through an ICO. Between 2019 and 2020, scammers frequently enticed investments with the promise of the Telegram Open Network (TON) ICO.
  • The missed surge in cryptocurrency prices. Even seasoned traders can succumb to FOMO (fear of missing out), let alone those without experience.
  • The opportunity to join the crypto industry. To many, cryptocurrencies still seem like enigmatic and unattainable assets, which allows scammers to offer their victims the “unique chance” to join an exclusive community.

Once a victim is primed to invest, they are led through a KYC process (naturally, it's a phishing scam) and asked to deposit funds into a fraudster-controlled exchange. This approach allows the criminals to simultaneously obtain both money and the user’s personal data.  

The victim then faces relentless psychological pressure. Phony analysts simulate significant price fluctuations (trading occurs on the manipulated platform), and exploit the investors through various means: they resort to blackmail (for instance, denying the withdrawal of assets from the exchange unless additional fees are paid), manipulate emotions, and create a sense of urgency (“time is running out”), pushing investors to make rushed and ill-considered decisions. All these tactics are designed to maximize the extraction of money.

Scheme #4: The Last Chance to Claim Your Airdrop  

his scam revolves around promoting a phishing link under the guise of receiving or verifying eligibility for an airdrop. Scammers create fake accounts, mimicking the profiles of legitimate projects, and then post links that lead to malicious software or websites.
These posts are often buried in the comments under posts from real projects. For instance, if ZKsync posts details about its tokenomics, a scammer might reply with something like, “Click the link to check your eligibility for the upcoming $ZK airdrop.” Once users click on the link, they are prompted to connect their wallets, grant access to their assets, and so on. Victims who follow these instructions end up handing over all their sensitive information to the scammers.

Scheme #5: Double Your Money Trap  

In 2022-2023, a new trend emerged in the industry—crypto arbitrage. This method involves increasing capital by exploiting price differences for the same assets across different platforms. Arbitrageurs identify discrepancies in token prices between centralized and decentralized exchanges, OTC markets, and offline exchangers, and they capitalize on these differences through quick trades.

The process (for example, converting ETH to USDT on DEX #1 → transferring USDT to CEX #2 → cashing out USDT via exchanger #3) is known as a “loop.” While this method is legitimate, scammers have learned to deceive users by promising to share or sell these loops (revealing the details for a fee).

The mechanics of an arbitrage loop. Source: capital.com

The mechanics of an arbitrage loop. Source: capital.com

The scam begins with the scammer identifying a target. This is often done through various means: promoting educational courses on arbitrage or advertising a job at a reputed arbitrage firm. The scammer then convinces the victim of the loop's profitability, using fake testimonials, polished social media content, and more.

Here are some additional popular scam schemes:

  • Fake loop sale: The scammer offers to sell their “highly secret loop,” but once they receive payment, they disappear without a trace.
  • Fund management scam: The victim entrusts their funds to the scammer under the guise of managing the loop's “secrecy” (claiming that the loop can't be sold, but the scammer can easily “turn over” the victim's deposit for a profit). Once the funds are transferred, the scammer vanishes, taking the money with them.
  • Profiting from service fees: The scammer proposes a partnership using their loop, asking only for a small commission (typically 5–10% of the profit). The catch lies in the tools the scammer provides to the victim for executing the trades. Let’s delve into this one further.

After agreeing to collaborate, the victim receives the loop and is encouraged to start with a small amount to build trust. A typical loop might involve buying USDT on a centralized exchange (CEX) → exchanging USDT for another token (usually a stablecoin) on a decentralized exchange (DEX) → and then transferring the funds back to the CEX with a profit.

The trick occurs at the DEX stage: the scammer directs the victim to a fake website designed to resemble a legitimate decentralized exchange, but it’s actually controlled by the scammer. Instead of executing a real trade, the victim ends up transferring their funds directly to the scammer’s wallet. This could be the end of the scam, but often the scammer continues to string the victim along.

After stealing the initial amount (say, $100 USDT), the scammer sends it back to the victim, adding an extra $5–$10 to create the illusion of profit. Convinced that the loop is working, the victim increases their investment, perhaps sending $1,000 instead of $100. But this time, the funds stay with the scammer for good.

Social engineering techniques are constantly evolving. As artificial intelligence advances, detecting these scams will become even more difficult; scammers will be able to mimic voices, create realistic faces, gather personal information about you, and more.

Remember, the best defense against scams is awareness. While it’s impossible to remember every trick, common sense is your most reliable tool. 

The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.

Articles by this author
Bitget Targets 8 Accounts for $20M Manipulation of VOXEL Token

Bitget Targets 8 Accounts for $20M Manipulation of VOXEL Token

Crypto exchange Bitget said it will send legal notices to eight accounts suspected of profiting more than $20 million through VOXEL token manipulation. The exchange pledged to reimburse affected users through an airdrop.

Dmytro Psevdonimenko
N Crypto Conference 2025: Web3 Talks in Kyiv

N Crypto Conference 2025: Web3 Talks in Kyiv

The N Crypto Conference 2025 concluded successfully in Kyiv, attracting nearly 1,000 participants. The event featured 17 speakers, panel discussions on Web3 trends, and even a CS2 esports tournament.

Vlad Vovk
Loopscale Suffers $6M Hack, Negotiates Bounty With Exploiter

Loopscale Suffers $6M Hack, Negotiates Bounty With Exploiter

DeFi platform Loopscale is holding negotiations with a hacker after a $6 million exploit on April 26, 2025.

Anahit Avetisyan
ProShares to Roll Out XRP Futures ETF Lineup

ProShares to Roll Out XRP Futures ETF Lineup

ProShares is expanding its crypto product suite with three XRP futures ETFs, including leveraged and inverse options.

Anton Kryshtal
Crypto Talk on X Today: RTFKT Issues, PolytSwap Launch & More

Crypto Talk on X Today: RTFKT Issues, PolytSwap Launch & More

Recently, images from RTFKT’s CloneX NFT collection stopped showing on platforms. They’re back now, and Head of Tech Samuel Cardillo explained what went wrong.

Anahit Avetisyan
Hot Crypto Talk on X Today: Scott Melker’s Identity Faked, & More

Hot Crypto Talk on X Today: Scott Melker’s Identity Faked, & More

Crypto was hit with a new influencer scam today – Scott Melker, also known as The Wolf of All Streets, revealed that scammers deepfaked his identity and stole $4 million from a victim.

Anahit Avetisyan
From the Federal Reserve to the Front-Runner: Who Is Kevin Warsh, Trump’s Likely Pick?

From the Federal Reserve to the Front-Runner: Who Is Kevin Warsh, Trump’s Likely Pick?

Trump wants Powell out—and Kevin Warsh may be next in line. Could he reshape the Fed under a second Trump presidency?

Elina Moskovchuk
Kaia: What Happens When LINE and Kakao Merge into One Blockchain

Kaia: What Happens When LINE and Kakao Merge into One Blockchain

In just half a year, Kaia has quietly racked up 20 million transactions and drawn in over 400,000 active wallets. Built directly into Asia’s most ubiquitous messaging apps, its reach now extends to nearly 300 million users—a bold blueprint for Web3 adoption.

Vlad Vovk
What Is the Next Bitcoin-Like Investment? Key Factors to Consider

What Is the Next Bitcoin-Like Investment? Key Factors to Consider

Explore the critical factors in evaluating the next breakthrough digital asset. Learn how innovation, decentralization, security, and market trends can help spot a Bitcoin-like opportunity.

The Coinomist
What Is Open Interest in Options? Factors to Consider

What Is Open Interest in Options? Factors to Consider

A comprehensive guide on open interest in options trading, explaining its significance, how it differs from volume, and the key factors to consider when using it for strategy.

The Coinomist
ICO Meaning and Its Role in Blockchain Technology

ICO Meaning and Its Role in Blockchain Technology

ICOs let blockchain projects raise capital by selling tokens. Here’s how they work, their benefits, and the risks investors should be aware of.

The Coinomist
Crypto Whale Activity: What It Means for Your Investment Portfolio

Crypto Whale Activity: What It Means for Your Investment Portfolio

Crypto whales can move markets with a single trade. Learn how their actions affect prices—and how to adjust your investment strategy accordingly.

The Coinomist
What Are Covered Calls? Benefits and Risks

What Are Covered Calls? Benefits and Risks

Covered calls let investors earn income from stocks they already own. Learn how the strategy works, when to use it, and what risks to watch out for.

The Coinomist
Bitcoin Trades Sideways at $92K–$95K: Short Squeeze Unfolds Amid ETF Inflows

Bitcoin Trades Sideways at $92K–$95K: Short Squeeze Unfolds Amid ETF Inflows

Between $92,000 and $95,000, Bitcoin finds stillness. Traders retreat, ETFs awaken, and the market holds its breath—awaiting a spark to reignite the chart.

Anton Kryshtal
Bitcoin Retreats Slightly From $95K as Traders Lock In Gains

Bitcoin Retreats Slightly From $95K as Traders Lock In Gains

Despite a modest price correction, Bitcoin’s market share is expanding, with institutional investors continuing to pour capital into BTC ETFs.

Anton Kryshtal
MORE
Eternal Lines: Why Preserve Books on the Blockchain?

Eternal Lines: Why Preserve Books on the Blockchain?

As information becomes increasingly vulnerable to censorship, people are searching for new ways to preserve it reliably. One such solution is blockchain, which allows for the creation of permanent archives.

Iaroslava Kramarenko
Bitcoin Education Goes Academic: Inside the First Online Master’s Program

Bitcoin Education Goes Academic: Inside the First Online Master’s Program

You’ve heard of HODLing. Now imagine studying it. Spain’s University of the Hespérides is offering the world’s first Master’s in Bitcoin — and it’s more radical than you think.

Elina Moskovchuk
MORE