Fake crypto exchange scam

A fake exchange is a website or mobile app that looks and behaves like a real cryptocurrency trading platform. Some clone the UI of Coinbase, Binance, Kraken, or OKX almost pixel-for-pixel. Others invent plausible-sounding new exchange names. The exchange takes real deposits to a scammer-controlled wallet, then displays fake balances and fake "trade activity" on the user's dashboard.

When the user tries to withdraw, the platform invents reasons to refuse: KYC re-verification, AML compliance fee, "VIP unlock," tax pre-payment, deposit-matching requirement. Each demand drains more money. The platform never lets you withdraw.

Some fake exchanges are paired with a romance / pig-butchering scenario. Others are advertised cold on social media — promoted posts on Facebook, Telegram channels, YouTube comments.

A "friend," "mentor," or "trader" tells you about a platform with great returns. They send you a link. The site has charts, an order book, a portfolio dashboard, and customer support chat. You sign up, deposit $200 via wire or crypto, and start "trading." Within a week, your balance shows $800. You deposit more.

When you try to withdraw $500, the site says you need to:

• "Complete advanced KYC verification (fee: $300)"
• "Pay capital-gains tax up front (fee: 15% of profits)"
• "Upgrade to VIP tier (deposit $5,000 minimum)"
• "Match your withdrawal amount with a fresh deposit to demonstrate liquidity"

You pay one. A new requirement appears. Repeat until you stop.

• You hadn't heard of the exchange before a stranger or social-media ad recommended it.
• The exchange isn't listed on CoinMarketCap or CoinGecko, or has very low reported volume.
• The domain is less than a year old (check WHOIS).
• The "About" page is generic — stock photos for the team, no LinkedIn-verifiable backgrounds.
• Customer service is only via Telegram, WhatsApp, or live chat — no phone or US support address.
• You can deposit but withdrawals require new payments.
• The platform name closely mirrors a real exchange but the domain isn't the real one (e.g., "binance-pro.io" vs "binance.com").

• Cloned UI of major exchanges — Coinbase, Binance, Kraken lookalikes.
• Fresh-name exchange — invented brand with a polished site.
• Telegram-bot "exchange" — trade entirely through a bot interface.
• Mobile-app-only exchange — APK sideloaded outside the Play Store.
• MetaMask wallet drainer — looks like an exchange, actually a malicious smart-contract approval.
• Bridge / cross-chain swap scam — fake bridge that takes deposits one-way.

1. Look up the exchange on regulator registries. SEC EDGAR (US), FCA (UK), FINMA (Switzerland), or the equivalent in your jurisdiction. If it's not registered anywhere relevant, treat it as untrusted.
2. Check WHOIS for the domain age. Domains under a year old, registered to privacy services, are suspect.
3. Check community discussions. Reddit r/cryptocurrency, r/cryptocurrencyscams, and BitcoinTalk forum threads usually flag fake exchanges within weeks.
4. Do a tiny withdrawal as your first action. Deposit $50, immediately try to withdraw $20. Real platforms allow this. Fake ones don't.
5. Major regulated exchanges in the US include Coinbase, Kraken, and Gemini. Outside the US, Binance.com and major regional exchanges. Unfamiliar names should default to suspect.
6. Never connect your wallet to a URL provided by a stranger or a Telegram link. Bookmark official sites directly.

• Stop sending more money. The "release fee" or "withdrawal tax" is never the last.
• Capture all transaction hashes, wallet addresses, and dashboard screenshots.
• Report destination wallets to your sending exchange. Major exchanges flag and freeze inbound deposits from known scam addresses.
• Report to IC3 with full transaction history. Federal seizure operations occasionally recover funds in this category.
• Revoke smart-contract approvals at revoke.cash if you connected your wallet to any URL the scammer provided.
• Expect a recovery scam follow-up. Pre-decide not to engage.

• Do not pay "release fees," "tax pre-payments," "AML clearance," or "deposit matches" to withdraw.
• Do not sign smart-contract approvals you don't understand.
• Do not continue depositing because "my balance is growing." The balance is a number on a screen.
• Do not install the exchange's "verification app" that asks for your seed phrase.

• FTC: reportfraud.ftc.gov — the broadest US fraud intake; reports flow to thousands of law-enforcement agencies.
• FBI IC3: ic3.gov — the right destination when the scam is internet-enabled (phishing, BEC, romance, crypto).
• CFPB: consumerfinance.gov/complaint — for complaints about banks, money transmitters, payment apps, credit cards, debt collection.
• IdentityTheft.gov — if any identity information (SSN, driver's license, account credentials) was shared.
• Your bank or payment platform. Call the number on the back of your card or use the app's in-product help. Time matters — wires can sometimes be recalled within hours; ACH and Zelle are harder but worth trying.

The exchange is in Apple's App Store. Doesn't Apple vet apps? Apple's review catches the obvious malware but has repeatedly missed pig-butchering apps disguised as enterprise tools or shipped via TestFlight links. Presence in the App Store is not validation.

Why does my balance keep growing? Because the dashboard is a webpage / app controlled by the scammer. The "trades" are animations. Nothing connects to real markets. They show growth to encourage more deposits.

I can see my address on a blockchain explorer with real transactions. Doesn't that prove it's real? You can see the deposits you sent and where they went. You can't see "your balance on the exchange" because the exchange's internal ledger is whatever the scammer says it is. Look at where your funds actually moved — usually a hot wallet that fans out to several others.

What about new legitimate exchanges? Real new exchanges typically take 1–2+ years to build regulatory clearance, security audits, and reputation. They publish detailed team backgrounds, undergo public security audits, and offer responsive customer service through known channels. If you can't verify these, default to a major established exchange.