Crypto Scams and Exploits to Avoid
While blockchain explorers provide transparency, scammers constantly evolve new ways to exploit users. Below are some common scams and how to detect them using blockchain explorers.
On this page, we’ll begin by covering some common scams, before sharing safety tips to ensure that you don’t fall victim.
1. Phishing Attacks & Fake Websites
Scammers create fake websites that impersonate popular DeFi platforms like Aave, Uniswap, or MetaMask. These websites look nearly identical to the real ones, tricking users into connecting their wallets and approving malicious transactions, giving hackers full control over their funds.
Things to watch out for:
- Fake “claim airdrop” messages on Twitter, Telegram, or Discord, urging you to connect your wallet.
- Unknown tokens suddenly appearing in your wallet.
Safety precautions:
- Use an anti-scam tool like WalletGuard (covered below), which can automatically detect phishing links.
- Look up the domain's registration record using tools like Who.is to check when the domain was registered. Scam sites often use newly registered domains.
- Never interact with unsolicited airdrops.
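A link can also be screened against the domains you already trust before you connect a wallet. The following Python sketch is an added example, not part of the original page: it flags hostnames that imitate a known platform. The `OFFICIAL` allowlist, the function names, and the sample links are assumptions for illustration; fill the allowlist with domains you have verified yourself.

```python
from urllib.parse import urlsplit

# Assumed allowlist: domains you have verified yourself (for example from the
# project's official documentation). Adjust to the platforms you actually use.
OFFICIAL = ("aave.com", "uniswap.org", "metamask.io")

def edit_distance(a, b):
    """Levenshtein distance using a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'official', 'unknown', 'invalid' or a 'suspicious: ...' reason."""
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare host as the network location
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return "official"
    labels = host.split(".")
    # Homoglyph trick: non-ASCII or punycode labels imitating Latin letters.
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "suspicious: internationalized hostname"
    registrable = ".".join(labels[-2:])  # naive; a Public Suffix List is more exact
    squashed = host.replace("-", "")
    for d in OFFICIAL:
        brand = d.split(".")[0]
        if edit_distance(registrable, d) <= 2:
            return f"suspicious: lookalike of {d}"
        if brand in squashed:
            return f"suspicious: brand '{brand}' on unlisted domain"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample links, not taken from real campaigns.
    for link in ("https://app.uniswap.org/swap", "https://unlswap.org/claim",
                 "https://uniswap.org.claim-airdrop.example/",
                 "https://metamask.io@wallet-verify.example/"):
        print(f"{classify(link):48} {link}")
```

An "unknown" result only means the host does not resemble an allowlisted name; it is not a verdict that the site is safe.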
2. Airdrop Scams & Fake Tokens
Phishing scams are among the most common in crypto.
Scammers create fake websites that impersonate popular DeFi platforms like Aave, Uniswap, or MetaMask. Users unknowingly connect their wallets and approve malicious transactions, granting hackers full control over their funds.
Things to watch out for:
- Fake “claim airdrop” messages on Twitter, Telegram, or Discord, urging you to connect your wallet.
- Unknown tokens suddenly appearing in your wallet.
Safety precautions:
- Use an anti-scam tool like WalletGuard (covered below), which can automatically detect phishing links.
- Look up the domain's registration record using tools like Who.is to check when the domain was registered. Scam sites often use newly registered domains.
- Never interact with unsolicited airdrops.
3. Fake Employment or Meeting
An increasingly common scam involves fraudsters posing as potential employers, business partners, or investors. They reach out via email, LinkedIn, or Telegram, offering enticing job opportunities or collaboration proposals.
During the meeting, the scammer keeps their camera off, avoids asking qualifying questions, and quickly shifts focus to getting the target to download a file, install an application, or open a suspicious link. The file may contain malware that compromises wallets, or the application may prompt users to input their seed phrase or private keys.
For instance, the $100M Harmony Bridge exploit happened via a fake interview process, where an employment contract had a virus that stole the bridge’s passwords.
Things to watch out for:
- A high-paying job offer with no formal interview process.
- A sudden request to download a form, app, or screen-sharing tool.
- The interviewer does not show their face on webcam.
- Their email address doesn’t match the company’s official domain.
Safety precautions:
- Verify their email address by checking the company’s website.
- Check their LinkedIn profile and confirm their employment history.
- Avoid downloading any files from unknown sources, especially ZIP, EXE, or APK files.
- Request a face-to-face video call before proceeding.
4. Fake Tech Support & Recovery Scams
Scammers pretend to be customer support from MetaMask, Ledger, or a DeFi protocol. They ask for your seed phrase or instruct you to “verify” your wallet via a phishing link.
Things to Watch Out For:
- Random DMs on Discord or Telegram from “support staff.”
- Requests to “verify your wallet” or enter your seed phrase.
- Fake Google ads that redirect to phishing sites.
Safety Precautions:
- Never share your seed phrase—not even with support.
- Always go to the official website’s support page if you need help.
- Report suspicious support requests on Boring Security’s Discord.
5. Telegram Scams
Scammers increasingly use Telegram verification bots or malicious downloads to compromise wallets.
One common method involves fake Telegram verification bots, where scammers instruct users to complete a “verification” process through a bot. These bots execute malicious scripts that extract private keys, allowing attackers to take full control of the victim’s wallet.
Things to Watch Out For:
- Telegram bots that ask for your seed phrase or wallet connections.
- Direct messages from “support”—real admins will never DM you first.
- Fake giveaway groups promising free tokens in exchange for wallet interactions.
Safety Precautions:
- Never interact with Telegram bots requesting wallet access.
- Always verify official Telegram groups via project websites.
- Disable Telegram DMs from strangers to avoid unsolicited scam messages.
- If you need help, reach out to a project’s official support channel on their website—not Telegram.