By XMRWallet Team · Published · 6 min read
This is Part 2 of our crypto scam awareness series. Part 1 covers cryptojacking, pig butchering, and rug pulls. As the industry grows, fraud tactics grow with it. Cryptocurrency transaction volume continues to expand year over year — and while criminal activity consistently represents a small fraction of total volume (typically under 1%), the absolute amounts stolen remain significant. This instalment covers three additional scam patterns every crypto and Monero holder should understand.
1. Pump and Dump
A notable early example: in June 2021, members of FaZe Clan, a well-known esports and entertainment organization, promoted the "Save the Kids" charity token to millions of followers. The token's website pledged to donate proceeds to charity. After significant hype-driven buying, the token's price dropped sharply — from $0.0029 to $0.0012 within about a week. The implicated individuals were suspended from the organization.
A pump-and-dump scheme works by: insiders accumulating a large position in a low-liquidity token at a low price; coordinating promotion through social media, influencer posts, or messaging groups to drive up the price (the "pump"); and then selling all holdings simultaneously once the price has risen (the "dump"), causing a rapid collapse. Latecomers who bought during the pump are left holding near-worthless tokens.
These schemes are particularly common with low-cap tokens that can be moved dramatically with relatively small capital. Social media coordination and influencer reach make them especially fast and effective.
How to protect yourself:
- Research every token thoroughly before buying — understand its purpose, team, and tokenomics
- Start with very small amounts in any new project until it establishes a legitimate track record
- Treat influencer and celebrity promotions as a red flag to investigate, not a buy signal
- Be skeptical of tokens with rapidly rising prices and no clear fundamental catalyst
- Check on-chain wallet concentration — if a few wallets hold most of the supply, dump risk is high
2. Airdrop Phishing
A documented case: in 2017, OMG Network announced an airdrop of OMG tokens but postponed distribution. Scammers created fake websites and social media accounts instructing users to share their private keys to receive the tokens. Victims lost 300 ETH before authorities were alerted.
Modern airdrop phishing typically works differently. Attackers directly distribute malicious tokens to wallet addresses. When the recipient notices unfamiliar tokens in their wallet and visits the linked website to "claim" or "swap" them, the site either requests the seed phrase or prompts the user to sign a transaction granting unlimited spending permission — draining all assets. The message displayed in the block explorer ("Claim ZEPE on Website FIRST — www.example.vip") functions as bait to redirect victims to the fraudulent site.
Monero users have structural protection against this specific vector: Monero does not use ERC-20-style token approval mechanisms. However, fake airdrop sites can still attempt to phish for Monero seed phrases, so the general principles of never entering your seed phrase anywhere remain equally applicable.
How to protect yourself:
- Never enter your seed phrase on any website, ever — no legitimate service requires it
- Do not visit websites found in token transaction data from unknown sources
- Be suspicious of any airdrop requiring you to send crypto first or connect a wallet to receive tokens
- Review transaction permissions carefully before signing — revoke unnecessary approvals regularly on Ethereum wallets
- Follow only official project channels for airdrop announcements
3. Crypto Copycats
A documented case: victims lost approximately $2 million over a seven-month period to fake Elon Musk accounts on social media. The fraudulent accounts told followers to send 1 BTC and receive 10 BTC back — a classic "send crypto, receive more" scam that has been replicated across virtually every social platform.
Crypto copycats are malicious accounts that impersonate real companies, projects, entrepreneurs, or celebrities. They promote fake giveaways, exclusive investment opportunities, or urgent alerts that direct users to external websites designed to steal crypto, credentials, or personal data. The accounts are often convincingly created — correct profile photos, similar usernames, and enough followers to appear credible.
The core scam mechanics: no legitimate project, person, or company ever asks you to send cryptocurrency to receive more back. Any message claiming otherwise is a scam, regardless of how authentic the account appears.
How to protect yourself:
- Ignore any message instructing you to send crypto to receive more in return — without exception
- Verify social media accounts independently: look for platform verification marks and check follower history
- Never click links in unsolicited DMs, even from accounts that appear to be from known projects
- Report duplicate or impersonating accounts to the platform immediately
- Bookmark official project websites and access them directly rather than through links
The most effective defense against all these scams is a combination of knowledge and skepticism — slowing down to verify before acting on any prompt involving your wallet, seed phrase, or funds. Secure your XMR with a non-custodial wallet where you hold the private keys. XMRWallet is free, open-source, browser-based, and requires no registration — your 25-word seed phrase is the only key to your wallet, generated locally and never transmitted.
Frequently Asked Questions
How do pump-and-dump schemes work in crypto?
Insiders accumulate a position in a low-liquidity token, coordinate promotion to drive the price up (pump), then sell simultaneously (dump), causing a price collapse. Latecomers are left holding worthless tokens. Protection: research tokens thoroughly, treat influencer promotions as red flags, check on-chain token concentration, and invest only what you can afford to lose.
What is airdrop phishing and how do I protect myself?
Attackers distribute malicious tokens to wallet addresses. When recipients visit the linked site to claim them, they are prompted to enter their seed phrase or sign a transaction granting unlimited spending permission. Never enter your seed phrase on any website. Never visit sites from unknown tokens in your wallet. Monero users are partially protected as XMR does not use ERC-20 token approval mechanisms.
