What to Do If You're Scammed in Crypto
Discovering you've been scammed in crypto is sickening. The hard truth is that most stolen funds are never recovered, but acting fast can stop further losses and protect what you still have. Here's exactly what to do, step by step.
Act fast: stop further loss first
The single most important thing right after a scam is to prevent the attacker from taking more. Many victims lose a second and third time because they panic, leave wallets connected, or chase "recovery" promises. Treat the compromised wallet or account as if a thief has a copy of your keys, because they often do.
Work through this checklist in order:
- Move remaining funds to a brand-new, clean wallet you create on a trusted device. If your seed phrase (recovery phrase) may be exposed, every asset in that wallet is at risk, so move everything you can.
- Disconnect the wallet from every dApp and website. Close the browser tab and the connection.
- Change passwords and enable 2FA on any exchange or email tied to the incident. Use an authenticator app, not SMS.
- Stop talking to the scammer. Do not send "one more transaction to unlock funds." That is always part of the trap.
If your loss came from an exchange account rather than a self-custody wallet, contact the exchange's official support immediately and request an account freeze. Use only links from the official app or site, never a link someone sends you.
Revoke token approvals so the bleeding stops
In DeFi, you grant smart contracts permission ("approvals") to spend specific tokens. Scam sites trick you into granting unlimited approvals, which let the attacker drain those tokens any time, even days later. Moving funds out is not enough if a malicious approval is still active on a wallet you keep using.
Use a reputable token approval checker (for example, the revoke tools built into block explorers like Etherscan, or well-known standalone revoke services) to review and cancel approvals. Connect carefully and verify the URL.
| Approval type | What it means | Action |
|---|---|---|
| Unlimited approval | Contract can spend any amount of that token, forever | Revoke immediately |
| Specific-amount approval | Contract can spend up to a set limit | Revoke if you don't recognize it |
| No approvals | No spending permission granted | Safe; keep it that way |
Revoking costs a small network fee but is far cheaper than another drain. Going forward, prefer wallets that show exactly what each signature does, and learn to read transaction prompts before approving. Our guide on security best practices covers safer signing habits in detail.
Report the scam (even if recovery is unlikely)
Reporting will probably not get your money back, but it matters. It creates a record, helps authorities track patterns, and can occasionally lead to frozen funds if the thief moves crypto to an exchange that complies with law enforcement.
- File with law enforcement in your country (in the US, the FBI's IC3; elsewhere, your national cybercrime unit or police). Provide all details.
- Report to the exchange if you can trace the funds to a known platform. Give them transaction hashes; they may flag or freeze the receiving account.
- Report the scam site or contact to the platform where you found it (the app store, social network, or domain registrar).
- Gather evidence: wallet addresses, transaction IDs, screenshots, chat logs, dates, and the URLs involved.
Why recovery is usually impossible (be honest with yourself)
This is the part nobody wants to hear. Blockchain transactions are irreversible by design. There is no bank to call, no chargeback, and no central authority that can undo a confirmed transfer. Once funds leave your wallet, only the holder of the new keys controls them.
Scammers also launder fast, splitting funds across many addresses, mixers, and cross-chain bridges within minutes. By the time you notice, the trail is often cold.
Worst of all, a second scam preys on victims: the "recovery scam." Someone messages you claiming they can retrieve your stolen crypto for an upfront fee. They cannot. Anyone guaranteeing recovery, asking for payment, or requesting your seed phrase is scamming you again.
| Claim you'll hear | Reality |
|---|---|
| "We can reverse the blockchain transaction." | Impossible. Confirmed transfers are permanent. |
| "Pay a fee and we'll recover your funds." | Recovery scam. You'll lose more. |
| "Share your seed phrase to verify ownership." | Never share it. They'll empty any remaining wallet. |
Legitimate help is free or comes from law enforcement and licensed professionals who never demand crypto upfront or your private keys.
Prevention: the only reliable protection
Since recovery rarely works, prevention is everything. Build these habits before you ever transact:
- Never share your seed phrase or private keys with anyone, any site, or any "support agent." No legitimate service will ask.
- Verify every URL and contract. Bookmark official sites. Scam clones are one character off.
- Use a hardware wallet for significant holdings, and review the different crypto wallet types to choose what fits you.
- Be skeptical of guaranteed returns. Promised profits, "double your coins" giveaways, and pressure to act now are classic red flags.
- Read transaction prompts before signing. If you don't understand what you're approving, stop.
- Limit approvals and revoke old ones periodically.
If you're still learning the basics, our walkthrough on how to start in crypto and our dedicated guide to avoiding crypto scams will help you build safer habits from day one. Crypto carries real risk, scams included; the best defense is slowing down, verifying, and protecting your keys above all else.
NOONOO TRADING — join the free chat and watch live trading together.
Join free chat →📈 Sign up on OKX for a trading fee discount
Get OKX fee discount →