Download Trust Wallet

How to Spot a Crypto Scam

Published on: Jan 25, 2024
Share post
In Brief

Learn to identify and protect against crypto scams with Trust Wallet's guide. Discover types of phishing attacks and safety tips to secure your digital assets.

How to Spot a Crypto Scam

At Trust Wallet, we take a proactive approach to security that keeps your assets safe – but security often goes beyond the Trust Wallet app itself. In fact, security threats come in many forms including phishing attacks.

So in this guide, we’ll go through what phishing attacks are, how scammers use them to steal information and crypto, and how to protect yourself.

Before we start: Get proactive security alerts from Trust Wallet

Educating our community is one of the best ways to combat online scammers and hackers. That’s why we provide content like this guide to help keep you one step ahead of malicious actors.

Additionally, you can get proactive security alerts inside of Trust Wallet that alerts you of risky transactions and malicious dApps.

These security alerts are designed to help you keep your digital assets safe, so install the most updated version of Trust Wallet to ensure you receive them. Get the latest version of Trust Wallet to enjoy a safer Web3 experience.


What is a phishing attack?

A phishing attack is when online hackers and scammers try to steal your personal information by pretending to be a trusted person or entity. These malicious actors use fake emails, websites, social media posts and much more to convince you they are real – and their goal is to gain unauthorized access to your personal information and crypto.

Phishing attacks come in many forms including:

Let’s have a look at these phishing attack examples, including how to spot a fake, and how to protect your information and your crypto.

Fraudulent emails

Phishing emails are one of the most common ways scammers try to steal your information and crypto. They can be difficult to detect as they often look really authentic, but we’ll outline some simple ways to spot them using the example below.

Note: When in doubt, DO NOT click on any links, and reach out to our support team using this form 81 if you suspect you’ve received a phishing email.


What to look out for:

How to stay safe:

Airdrop Scams

Airdrop scams are another popular method used by scammers to trick unsuspecting people into giving away their personal information and crypto. Airdrops are typically events where a project distributes free tokens or coins to the crypto community as a way of promoting their project or increasing their user base. Scammers exploit this concept by creating fake airdrops that ask users to provide their private information or deposit tokens in order to receive the “free” airdrop.

The image below is an example of a person who could be a victim of an airdrop scam. Remember to NEVER share your secret phrase (seed phrase) with anyone for any reason – even if they are promising you a big airdrop or anything else as you could become a victim of this common scam.


What to look out for:

How to stay safe:

By being vigilant and understanding how to spot these phishing attacks, you can protect your valuable information and crypto assets. Stay informed, stay secure, and always trust your instincts when it comes to your digital assets.

Fake websites

Phishing websites can be difficult to detect because they often look authentic and might include the Trust Wallet logo.

That’s why it’s important to take note of the URL. For example, you might see a website like in the below example, which is not Trust Wallet’s real URL. Trust Wallet’s real URL is


As with other forms of phishing, it’s important to never enter your 12-word secret phrase and to avoid clicking any links or filling out any forms.

What to look out for:

How to stay safe:

Watch wallet scams (watch-only spending scams)

Watch-only spending scams are phishing attacks that exploit users’ misunderstanding of watch-only wallet addresses. Scammers deceive users into believing that they can access or spend the funds shown in a watch-only address without a private key, which is not the case.

What to watch out for:

How to stay safe:

By being vigilant and understanding the limitations of watch-only wallet addresses, you can protect yourself from falling victim to watch-only spending scams and safeguard your crypto assets.

Address poisoning scams

Address poisoning is a type of scam that misleads people into sending crypto to the wrong address. This scam is difficult to spot unless you know exactly what to look for and how to avoid it.

Here’s how address poisoning works:

  1. The scammer creates a wallet address that looks very similar to one of your wallet addresses or an address you’ve recently interacted with. For instance, if a friend sends you crypto, they create an address that looks like your friend’s address. Or if you’ve sent yourself crypto from an exchange, they’ll create an address similar to that one.

  2. The scammer sends a small amount of crypto to your wallet from the similar-looking address they created. Sometimes they even send a zero (“0”) amount of crypto.

  3. From here, the scammer hopes the next time you send crypto, you’ll get lazy and copy their scam address from your transaction history, and mistakenly send them your crypto.

Address poisoning is difficult to spot because crypto applications typically shorten crypto addresses in transaction summaries. In the image above you see that the addresses are shortened in Trust Wallet transaction histories as well.

This makes sense because crypto addresses can be very long, so it’s convenient to look at the prefix (the first few characters of the address) and suffix (the last few characters of the address).

In the above image example, the deposit of 0.001 ETH and the withdrawal of 0.002 ETH look like they are from and to the same address. But the deposit could be from a scam address. Why is that possible? Because from the transaction summary page, you cannot see the full address. You would only know the full address for certain if you clicked into the details.

Scammers have realized that many people don’t check the full address of their transactions – and they hope that you don’t click to see the full details of addresses you interact with before sending crypto.

What to look out for:

How to stay safe:

Fake wallet apps

Fake wallet apps that appear like the real Trust Wallet can trick you into giving up your secret phrase. You might come across a fake Trust Wallet app through a malicious website or an app store.

To avoid downloading fake Trust Wallet apps, always start from the official download page for Trust Wallet. The official page will direct you to the correct app store.


What to look out for:

How to stay safe:

Unexpected SMS text messages

Trust Wallet is a decentralized self-custody wallet, and the wallet does not use any form of SMS 2FA or confirmation methods.

So any SMS text message you receive in regards to Trust Wallet is fake and is trying to gain unauthorized access to your crypto. Trust Wallet will never send you an SMS text message.


What to look out for:

How to stay safe:

Social media posts and chat groups

It’s common for online scammers to use social media accounts on Twitter, Telegram and others to mislead people into giving up sensitive information – including wallet secret phrases. Always note, Trust Wallet will never message you on social apps (or anywhere else) to ask for your 12-word secret phrase.


What to look out for:

How to stay safe:

Not sure if something is a phishing attack or not?

Phishing attacks are evolving to become more sophisticated, so if you’re ever unsure if you’re being targeted, reach out to our support team.


Join the Trust Wallet community on Telegram Follow us on X (formerly Twitter) Instagram Facebook Reddit

Note: Any cited numbers, figures, or illustrations are reported at the time of writing, and are subject to change.

Simple and convenient
to use, seamless to explore

Download Trust Wallet