
As the world of finance and cryptocurrency continues to grow more complex, retail investors are increasingly becoming the target of various scams.
Whether you’re investing in traditional markets or diving into crypto, understanding how these scams work and knowing how to protect yourself is more important than ever. In this blog, we’ll explore nine of the most common scams that have hit retail investors over the past few years, and offer tips on how to steer clear of them.

Phishing Scams: Don't Take the Bait
Phishing scams have been around for a while, but they’ve evolved and become even more dangerous in the age of cryptocurrency.
Scammers send emails or messages that appear to come from legitimate companies, but the goal is always the same—steal your personal information. In October 2024, a sophisticated phishing campaign targeted users of Ledger hardware wallets.
Attackers sent fraudulent emails, falsely claiming to originate from Ledger, urging recipients to activate a non-existent security feature called "Ledger Clear Signing."
The emails warned that failure to do so by November 1 would compromise the security of their devices.
These messages contained malicious links directing users to counterfeit websites designed to harvest sensitive information, such as recovery phrases and private keys.
Unsuspecting users who followed these instructions risked having their cryptocurrency assets stolen.

This incident underscores the critical importance of verifying the authenticity of communications from service providers and exercising caution with unsolicited requests for personal information.
How to Avoid It:
Never click on links from unsolicited emails or messages. Always go directly to the website by typing the address into your browser or using official apps. Enable two-factor authentication (2FA) on your accounts for added security.

Ponzi and Pyramid Schemes: Life in the Crypto World
Ponzi and pyramid schemes aren’t new, but the digital world has given them a fresh, deceptive makeover. These schemes promise sky-high returns with little to no risk, but they rely on new participants to pay off earlier investors. In 2023, a platform called Fintoch was exposed as a Ponzi scheme, leaving investors with massive losses of approximately $31M USD.
How to Avoid It:
Be wary of any investment promising high returns with minimal effort. Do your research and make sure the investment is legitimate and registered with proper regulatory bodies.

Malicious Remote Part-Time Job Offers
Fake job scams have also spiked in the past 12 months and involve scammers posing as recruiters to trick victims into a ponzi-scheme type operation. In one example from January 2025, someone reached out, likely via text message, about a remote part-time job for a hotel revenue management company DUETTO. The “employee” would earn commission for every task they complete on a platform.
However, once onboarded the “employee” learns that each task required an initial crypto deposit to DUETTO, which they could only withdraw with their commission once the task was complete.
Ultimately, companies like DUETTO keep asking for more and more seed money for the commission withdrawals until they have scammed the “employee” out of all of their money.
How to Avoid It:
Be wary of any job opportunities that you receive from text or messaging platforms. Do your research on platforms like chainabuse.com and make sure the job is legitimate. Never send any kind of seed deposit or withdrawal tax to someone if they tell you to, it is 99% likely a scam.
We will have a larger article about this kind of scam in the coming weeks, so please stay tuned!

Fake Exchanges and Wallets: Looks Can Be Deceiving
With the rapid growth of cryptocurrency, fake exchanges and wallet apps have become a major threat. In January 2025, a counterfeit version of the Phantom wallet spread across app stores like Huawei, tricking users into depositing funds that were later stolen.
Another campaign targeting Metamask users leveraged email to send phishing messages such as the one shown.

These fake platforms can look almost identical to the real thing, making them hard to spot.
How to Avoid It:
Stick to well-known, reputable exchanges and wallets with strong security records. Always verify the platform or app’s legitimacy before using it. You can check the website URL and app download link across multiple sources (e.g. X and the official site) to see if it matches what you are about to click.

Celebrity Endorsement Scams: Don't Be Fooled By Fame
Celebrity endorsement scams have skyrocketed, especially in the crypto space. Scammers use fake ads or social media posts featuring famous personalities to lure victims into fraudulent investments.
The image below depicts a scam where scammers merged together the rebranding of Facebook to Meta, and the Hong Kong–based company Inblock’s creation of Metacoin to attract potential victims.

How to Avoid It:
Verify endorsements through official sources and be skeptical of any investment tied to a celebrity’s name. Celebrities are unlikely to promote risky financial products.

Social Media Scams: Beware of Fake Influencers
Social media has become a hotbed for financial scams, especially in the crypto world. Scammers create fake profiles of influencers or promote “giveaways” where they promise to double your cryptocurrency if you send them some first. In 2024, this type of scam became increasingly common on platforms like Twitter and Instagram.
How to Avoid It:
Be cautious about financial offers on social media. Never send money or cryptocurrency to anyone you don’t know personally or trust.

Impersonation Scams: They Look Legit - But They're Not
In impersonation scams, fraudsters pretend to be someone you trust, like a bank representative or tech support agent. In January 2025, fake “support” accounts on Telegram targeted Binance users, asking for sensitive information like login details.
Another popular target for threat actors is the X accounts of celebrities, influencers, or companies, because their credibility makes fraudulent posts more convincing to unsuspecting users. Similar to the celebrity endorsement scams described above, only this time from the actual, compromised, account of a celebrity, as opposed to a fake site. Once compromised, the threat actors will typically post fake cryptocurrency giveaways, claiming that sending a certain amount of cryptocurrency to a specified wallet will result in receiving double or more in return.
These scams often create a sense of urgency to pressure users into acting quickly without verifying the authenticity of the offer. Another common tactic is sharing malicious links that promise free NFTs, exclusive tokens, or access to lucrative crypto platforms. These links lead to phishing sites designed to steal users' wallet credentials or install malware that drains their funds. In December 2024, the UpOnly X account was compromised, shilling a scam token, and the hacker claimed he was able to earn $1M USD from victims.
In some cases, attackers impersonate companies or crypto projects through the compromised account, announcing fictitious initiatives like token presales or airdrops. Followers, believing these announcements are genuine, may transfer funds or unknowingly grant access to their crypto wallets. Bots will often be utilised to generate likes, retweets and comments, to increase the engagement and perceived validity of the post.
How to Avoid It:
Always verify the identity of anyone asking for money or personal information, especially if the request seems unusual. Never share sensitive details without confirming the person’s legitimacy

Cloud Mining Scams: Too Good to Be True? It Probably Is
Cloud mining scams promise retail investors easy profits by letting them invest in cryptocurrency mining operations. Unfortunately, many of these platforms are outright fraudulent. A notable example is the case of NovaTech Ltd, which was sued in June 2024 by New York Attorney General Letitia James. The company allegedly defrauded over $1 billion from hundreds of thousands of investors, primarily targeting immigrant communities. NovaTech enticed victims with promises of weekly profits from cryptocurrency trading and mining, but reportedly used only a fraction of the collected funds for legitimate trading activities.
How to Avoid It:
Be skeptical of any cloud mining service offering guaranteed high returns. Research the company thoroughly and avoid platforms that lack transparency about their operations.

Token/NFT Airdrop Phishing: A Free Drop That May Cost You
Airdrop scams are deceptive schemes in the cryptocurrency space where fraudsters impersonate legitimate projects, claiming to offer free tokens or NFTs as promotional giveaways. These scams typically lure victims by announcing airdrops via social media, emails, or direct messages, enticing them to participate by clicking on malicious links. Once engaged, users are often asked to connect their cryptocurrency wallets to fraudulent websites, ostensibly to claim the airdrop. This allows scammers to access wallet credentials, drain funds, or install malware.
Some scams require users to pay a small "transaction fee" to receive the airdrop, which is another way scammers steal funds. The promise of free rewards exploits users' trust and desire to gain quick profits, making awareness and caution critical in avoiding these scams. Always verify the legitimacy of airdrops through official project channels and avoid sharing sensitive wallet information or paying fees.
In September 2024, Decentraland's official X (formerly Twitter) account was compromised by attackers who promoted a fraudulent MANA token airdrop. Users were directed to a phishing site that prompted them to connect their wallets to claim the airdrop. Those who complied had their funds stolen.
How to Avoid It:
Be skeptical of any free tokens you are offered. Check to see if these have been labeled as Phishing in public block explorers like the example above.
The world of finance and cryptocurrency offers exciting opportunities, but it also comes with risks. Scams are evolving, becoming more sophisticated, and targeting retail investors like never before. The key to staying safe is to remain informed, skeptical of offers that seem too good to be true, and diligent in your research. By taking the right precautions, you can significantly reduce your risk of falling victim to these schemes.
Stay smart, stay safe, and always be on the lookout for red flags in your investment journey!
Original article by the zeroShadow team
Comments