Fake DeFi yield protocol scam

A scammer launches a website that looks like a legitimate DeFi yield aggregator — clean charts, "audited" badges, a copy of Yearn or Aave's UI, a fake TVL counter. They market through influencer payments, paid Telegram channels, and farmed Twitter accounts.

Users deposit stablecoins (USDC, USDT) via a wallet connection. The transaction either:

1. Moves the deposit directly to a developer-controlled wallet (the "protocol" never actually deploys yield-bearing contracts), or
2. Grants the protocol unlimited approval over the user's tokens, allowing slow drainage.

Some operate for weeks before disappearing; others rug after a single large deposit cluster.

• Yields are dramatically above market — 20-50% APY on stablecoins where real protocols pay 3-8%.
• Team is anonymous or "based offshore for regulatory reasons."
• Smart contracts aren't on a real chain explorer, or are deployed by a brand-new wallet.
• "Audited" badge links to a generic image, not a real audit report.
• The protocol promises principal-protected yield, which doesn't exist in real DeFi.
• TVL counter looks suspiciously round or grows on a perfect curve.
• Telegram or Discord admins delete dissenting questions.

1. Check DefiLlama. Real DeFi protocols are tracked there with real on-chain TVL data.
2. Verify the audit. Real audit reports are PDFs hosted on the auditor's domain. The auditor (Certik, OpenZeppelin, Trail of Bits, Spearbit) is verifiable independently.
3. Look at the smart contract on the chain explorer. Real protocols have detailed contracts with source code verified.
4. Search the protocol name + "rug" or "scam" before depositing anything.
5. Apply the rule: stablecoin yields above ~8% APY require an extraordinary explanation. None of the explanations are "this new protocol just invented it."

• Stop adding funds.
• Try withdrawing immediately. Capture the result (often "withdrawal failed: insufficient liquidity").
• Revoke approvals at revoke.cash.
• Report the contract to Chainabuse and ScamSniffer.
• Report to IC3.
• Expect a recovery scam within days.

• Do not keep depositing to "average down" or "compound."
• Do not pay any "unlock fee" or "withdrawal tax."
• Do not sign new approvals trying to "fix" the withdrawal.
• Do not connect your hardware wallet to try to verify — the smart contract is the problem, not your wallet.

• FTC: reportfraud.ftc.gov — the broadest US fraud intake; reports flow to thousands of law-enforcement agencies.
• FBI IC3: ic3.gov — the right destination when the scam is internet-enabled (phishing, BEC, romance, crypto).
• CFPB: consumerfinance.gov/complaint — for complaints about banks, money transmitters, payment apps, credit cards, debt collection.
• IdentityTheft.gov — if any identity information (SSN, driver's license, account credentials) was shared.
• Your bank or payment platform. Call the number on the back of your card or use the app's in-product help. Time matters — wires can sometimes be recalled within hours; ACH and Zelle are harder but worth trying.