Top 5 Crypto Scams to Watch for in 2025
As we approach 2025, it’s essential to stay informed about the major scams hitting the cryptocurrency world. Here are five scams to be wary of:
1. Advanced Phishing Attacks
Advanced phishing attacks increasingly target cryptocurrency wallets and exchange accounts. Scammers now deploy sophisticated tactics to deceive users into divulging private keys or login credentials. Fraudulent websites that mimic real platforms are a common tactic. Cybercriminals may use social engineering to trick users into sharing sensitive data, impersonating support teams or designing fake interfaces.
Ways attackers execute these phishing schemes:
- Wallet Drainers: Malicious scripts created for phishing purposes which drain funds after a victim connects their wallet to a fraudulent site.
- Quishing: Using malicious QR codes that redirect users to phishing sites when scanned.
- Spear Phishing: Targeting specific individuals or organizations with tailored messages designed to induce panic and prompt quick, often costly actions.
In August 2025, Ethereum developer Zak Cole found his wallet drained due to a malicious browser extension that took his private key. Earlier that year, a significant $330 million heist occurred through social engineering.
2. Rug Pulls
Rug pulls exploit the buzz around decentralized finance (DeFi) platforms and NFT projects. Often, developers withdraw liquidity and vanish with investments. These scams often promise unrealistic returns while being mere imitations of legitimate projects.
Recent data shows that rug pulls led to about $6 billion in losses within the Web3 ecosystem in 2025 alone, a staggering increase from $90 million in early 2024.
A notable case involved the LIBRA token, which skyrocketed in value after being mentioned by President Javier Milei, only to plummet drastically afterward, leading to accusations of a rug pull.
3. Impersonation Scams
Scammers frequently impersonate trusted figures on social media to deceive users. This technique, known as impersonation, undermines trust within the ecosystem. Fraudsters often engage in conversations, create phony profiles, and promise fake giveaways to induce victims to send crypto directly.
In 2024, impersonation scams resulted in losses totaling $9.9 billion globally. In Hong Kong, scammers posed as Chief Executive John Lee using a fake account and deepfake video.
4. AI-Powered Deepfake Scams
Advancements in technology have spawned AI-generated deepfake scams, where scammers can create realistic videos or voice clones of public figures. These deepfakes have been able to fool even cautious users.
For instance, an 82-year-old retiree named Steve Beauchamp was swindled out of his entire retirement savings due to a convincing deepfake of Elon Musk claiming lucrative investment opportunities.
Deepfakes primarily exploit urgency and trust, making them a formidable threat in the crypto landscape.
5. Fake Crypto Support Scams
These scams target users seeking assistance under the guise of offering support from well-known exchanges or wallet services. Fraudulent support agents utilize social media and phony websites to victimize users.
Criminals often disseminate phishing links disguised as help portals, requesting sensitive information like private keys or seed phrases. Particularly after security breaches like the Coinbase incident in May 2025, scammers impersonated support personnel to extract sensitive data from unsuspecting users.
