The deeper you get into crypto, the more you realize how pervasive scams are. They range from simple phishing attacks to highly sophisticated social engineering schemes that can trick even the most security-conscious individuals. I’ve been on both sides of this: I’ve been a direct target of scammers, and I’ve also been impersonated by scammers trying to con my friends.

This post is a warning—especially for my friends and family—about how these scams work, how to recognize them, and what you can do to protect yourself.

The Most Basic Layer: Fake Influencer Scams

Let’s start with the low-effort scams. You’ve probably seen them before—fake Twitter (X) accounts mimicking well-known figures in crypto, promising massive returns on investments. These scams typically work by:

1. Impersonation – A scammer creates an account that looks like a well-known crypto personality or project.

2. Phishing Links – They post or DM links that lead to a website that looks like a legitimate crypto exchange, wallet, or airdrop claim page.

3. Credential Theft – If you enter your private key or seed phrase, they drain your wallet. If you enter credit card info, they steal that too.

These scams rely on volume. They cast a wide net and hope someone takes the bait. They’re crude, but they work because they exploit excitement, greed, and the general complexity of crypto.

The Next Level: Human-Driven Social Engineering

Now, let’s talk about a more dangerous type of scam—the kind that requires an actual human behind the keyboard, actively manipulating the victim.

In 2021, I was a software engineer at Coinbase. I had a public Instagram account with barely any photos or followers. It wasn’t particularly active, but it was real. A scammer took that profile, cloned it, and created a fake version that looked just “real enough.” Both accounts had roughly the same number of followers, a similar username, and enough activity that if you weren’t paying close attention, you couldn’t tell which was legit.

Then they found one of my acquaintances in the startup world. Through a carefully crafted conversation, they convinced him that they were actually me. The scammer, pretending to be "Carl, the Coinbase Engineer," played on credibility, trust, and the general understanding that people in the crypto space often exchange investment opportunities.

The result? My acquaintance wired $5,000 to them for what he believed was a legitimate crypto play.

This is a different level of scam because it’s not just automation—it’s targeted and personalized. It requires a scammer to research the victim, understand social dynamics, and craft messages that feel natural and convincing.

The more convincing this gets, scammers and criminals will dig on you to start finding dirt, I’ve even seen things like blackmail in the crypto space, which is mostly kept confidential. The more someone finds on you, the more sophisticated they can be about attacking you, your friends, and family.

Why This Will Keep Happening

The reality is that the deeper I (or anyone) gets into the crypto world, the more common these kinds of scams become. If you are associated with crypto in any way, scammers will try to exploit that. And if you have any level of public presence, they might even impersonate you to exploit your network.

This is especially true for people who work at major crypto companies, invest in projects, or even just participate in online discussions. Scammers know that crypto is still a technical and sometimes confusing space, so they weaponize that confusion.

How to Stay Safe

1. Double Verify Everything – If you ever get a message from me (or anyone else) about an investment opportunity, a crypto play, or anything involving money—pause. Reach out through another verified channel before taking action. If someone is offering you an investment, assume it’s a scam unless proven otherwise.

2. Watch for Impersonation – If an account looks like mine but feels slightly off, trust your gut. Scammers rely on the fact that most people don’t closely inspect usernames or small discrepancies.

3. Time is on Your Side – If I were ever hacked, I would regain control of my accounts within a few hours—at most, 10 hours (the only exception being if I’m on a long flight or asleep). So if anything seems suspicious, just wait. A real hack won’t last long.

4. Understand the Psychology of Scams – Scammers use urgency, authority, and familiarity to pressure people into acting quickly. If you feel like you’re being rushed into a decision, that’s a major red flag.

Final Thoughts

Scams in crypto aren’t just a problem for “newbies.” Even seasoned professionals get caught up in them. The more public you are, the more likely you’ll be a target—or worse, a tool scammers use to defraud others.

The best defense is vigilance. Always verify. Always double-check. And if something feels even slightly off, trust that feeling.

Stay safe out there.