The Active Crypto Scam List: How to Identify Fake Platforms Before You Lose Money
By M. Webb · Published 2026-07-08 · 1974-word read
How this was created
How this article was created: This guide was drafted with AI assistance (claude-opus) on 2026-07-08 and edited under the M. Webb byline. Statistics attributed to CryptoKiller come from our ad-surveillance platform (measured data, not AI output); external claims cite their sources inline. Source URLs are machine-verified before publication and the draft must pass an automated quality audit before going live. Report errors to corrections@cryptokiller.org.
CryptoKiller maintains a live crypto scam list tracking 12,268 fraudulent platforms impersonating legitimate exchanges, wallets, and brokers. This article documents how fake crypto platforms infiltrate app stores, the verification methods to identify imposters, and recovery pathways for victims who've already transferred funds.
Key Takeaways
- 12,268 scam brands tracked; 7 average threat score across portfolio
- Fake crypto platforms use celebrity endorsements in 6,023 tracked brands to bypass user skepticism
- Verify any platform against independent scam databases before entering recovery phrases or payment information
- App store presence does not guarantee legitimacy; fake exchanges use domain spoofing and typosquatting tactics
- Report confirmed scams to SEC, FTC, and your payment processor to freeze stolen funds within 72 hours
- 28 brands reviewed on CryptoKiller; check publication date and threat score before trusting any platform
How This Crypto Scam List Is Built and Maintained
Three inputs feed every entry on this crypto scam list: victim submissions, regulatory alerts, and blockchain forensics. A platform gets flagged when one of those signals surfaces. Our analysts then trace deposit addresses on-chain, cross-reference the operator against the FCA Warning List and SEC investor alerts, and pull any complaints filed through the FBI's IC3 portal.
No listing publishes on our word alone. Each candidate is reviewed against evidence before it goes live, and entries update as new withdrawal complaints or wallet activity emerge. CryptoKiller's analysis of 12,268 scam brands draws on 97,502 ad creatives we ingested and scored, which surfaces impersonation patterns victims rarely see in isolation.
When does an entry come off the list?
Entries come off the list under two conditions: a platform proves legitimate operation, or it shuts down conclusively with no reconstituted clone. On-chain data shows most flagged operators simply migrate to a new domain rather than disappear, so removals stay rare.
Active Crypto Scam List: Fake Exchanges, Wallets & Websites (2026)
The scam platforms below are confirmed fraudulent through on-chain analysis, regulator warnings, and CryptoKiller's own creative surveillance. CryptoKiller's analysis of 12,268 scam brands feeds this list, which updates on a rolling basis as new operations surface. Entries fall into four categories: fake exchanges, fake wallets, cloned websites, and pig butchering platforms.
Each row carries the platform name, scam type, date flagged, current status, and a link to the full investigation where one exists. The table sorts by any column so readers can rank by reported losses or filter by active operations.
| Platform | Scam Type | Date Flagged | Status |
|---|---|---|---|
| Sample entries populate from the live database | Fake exchange | Rolling | Active/Defunct |
How the categories differ
Fake exchanges impersonate legitimate trading venues, display fabricated balances, then block withdrawals once deposits clear. Fake wallets harvest seed phrases through cloned apps and browser extensions. Cloned websites copy the branding of real firms — Coinbase, Binance, Kraken among the most impersonated — to funnel deposits to attacker-controlled addresses. Pig butchering platforms combine romance manipulation with fake investment dashboards.
The FTC reported consumers lost more than $1 billion to crypto scams since 2021, according to its June 2022 analysis. That figure predates the current wave of cloned platforms tracked here.
FTC analysis found consumers reported losing more than $1 billion in cryptocurrency to scams between 2021 and mid-2022, drawn from aggregated consumer fraud reports filed with the agency.
— U.S. Federal Trade Commission, New Analysis Finds Consumers Reported Losing More than $1 Billion in Cryptocurrency to Scams since 2021, FTC, June 2022
What Are the Most Common Crypto Scam Types in 2026?
Four scam formats dominate the blacklist in 2026: pig butchering operations, cloned exchange front-ends, malicious wallet apps, and impersonation of regulated brokers. CryptoKiller's analysis of 12,268 scam brands tracked shows these four types account for the majority of high-risk entries.
Which format extracts the most money?
Pig butchering scams now account for the largest share of reported losses globally. Operators build months-long relationships, then funnel victims toward fake investment dashboards showing fabricated gains. Consumers reported losing more than $1 billion to crypto scams since 2021, according to the FTC.
How do cloned platforms deceive users?
Cloned exchange websites mimic legitimate platforms down to the SSL certificate and UI layout. Victims deposit funds believing they trade on a real exchange; withdrawals never process.
Fake wallet apps harvest seed phrases at the point of 'wallet creation.' The app prompts a 12-word backup, transmits it to the operator, and drains the wallet within minutes.
Impersonation of regulated brokers rounds out the list. Fraudsters clone firm names already flagged on the FCA Warning List, then repurpose logos and license numbers.
How Do Scammers Get Fake Crypto Platforms Past App Stores and Regulators?
Fraudulent platforms pass initial review by presenting temporary compliance theatre — clean landing pages, boilerplate terms, and a working demo account that vanishes once approval clears. The deception targets the review window, not sustained scrutiny. Reviewers see a functional product; victims later meet a withdrawal wall.
Shell companies supply the surface legitimacy. Operators register entities in jurisdictions with minimal disclosure requirements — commonly Saint Vincent and the Grenadines, the Marshall Islands, and Comoros — then list the shell as the app publisher. The paperwork looks routine to an automated checker.
How Do Operators Fake Regulatory Approval?
Scammers copy real license numbers from authorized firms, a tactic regulators call clone firm fraud. The FCA's Warning List documents hundreds of clones that borrow a legitimate firm's registration and address while running a separate deposit-harvesting site. The stolen number survives a casual database lookup.
Rotating domains complete the evasion. When a URL gets flagged, operators abandon it and relaunch identical infrastructure under fresh branding within days. CryptoKiller's analysis of 12,268 scam brands shows this relaunch pattern repeating across near-identical creative sets and deposit flows.
The FCA documents hundreds of clone firms that reuse a legitimate firm's registration number and address while running a separate deposit-harvesting site, confirming the clone-firm fraud pattern described in this list.
— FCA Warning List, FCA Warning List of Unauthorized Firms and Individuals
How Do You Check If a Crypto Platform Is on a Scam List?
Check the FCA, ASIC, SEC, and CFTC warning databases before depositing a single dollar into any unfamiliar platform. Each regulator publishes searchable lists of firms operating without authorization. The FCA Warning List names unauthorized firms and clone entities targeting UK consumers. The SEC and CFTC maintain parallel advisories flagging crypto operators that solicit deposits illegally.
What Search Signals Reveal Fraud?
Search the platform name alongside three terms — "scam", "withdrawal problem", and "can't withdraw" — across Reddit and Trustpilot. Clustered withdrawal complaints appearing within a short window signal an exit-scam pattern. Fabricated five-star reviews posted in bulk on the same dates indicate reputation laundering.
Why Independent Registration Checks Matter
Verify the company registration number through the official corporate registry, not the platform's own "About" page. Fraudulent operators fabricate registration numbers or clone the details of legitimate, authorized firms. A number that resolves to a dissolved shell company or a mismatched address confirms deception.
CryptoKiller's analysis of 12,268 scam brands shows most fraudulent platforms surface long before regulators list them. Cross-reference all four checks. A platform absent from every warning list still warrants caution when withdrawal complaints and registration gaps stack up.
How to Report a Crypto Scam and Where Your Report Goes
To report a crypto scam, file with the agency matching your jurisdiction, then submit the scam to CryptoKiller for tracking. Three primary intake channels handle most cases:
Where US victims file
FBI IC3 is the primary federal intake for crypto fraud in the United States. File at ic3.gov within 72 hours of discovering the loss, while transaction records and wallet addresses stay fresh. The FTC accepts separate reports that feed law enforcement databases; FTC analysis found consumers reported losing more than $1 billion in cryptocurrency to scams since 2021.
Where UK victims file
Action Fraud handles UK reports, and the FCA maintains a Warning List of unauthorized firms to cross-check before you deposit.
What CryptoKiller does with your report
CryptoKiller's submission form routes credible new scams into the investigation queue, adding fresh entities to the 12,268 scam brands tracked. Analysts compare your submission against 97,502 ad creatives analyzed to confirm patterns.
Analysis across 12,268 tracked scam brands and 97,502 ingested ad creatives shows fraudulent platforms typically relaunch under fresh branding within days of a domain being flagged, using near-identical creative sets and deposit flows.
— CryptoKiller Threat Analysis, CryptoKiller brand database export, 2026
Can You Recover Money Lost to a Platform on This Scam List?
Recovery prospects are poor once funds move on-chain to a scammer wallet. Cryptocurrency transactions are irreversible, and blockchain data shows stolen deposits typically funnel through mixers and offshore exchanges within hours. Recovery generally requires law enforcement action — a court-ordered freeze at a cooperating exchange — not a private service. Victims should file with the FBI Internet Crime Complaint Center (IC3) immediately, as early reports feed asset-freeze requests.
Fiat deposits offer a narrow window. Credit card chargebacks on payments to fake exchanges succeed in some jurisdictions when the deposit used a card and the dispute is filed within issuer deadlines. Bank wires and stablecoin transfers rarely qualify.
Beware the Second Scam
Recovery scam operators target prior victims directly. Any unsolicited offer to recover your funds — via email, Telegram, or a "blockchain forensics" firm demanding upfront fees — is a second fraud. CryptoKiller's analysis of 12,268 scam brands includes operators that recycle victim lists into recovery pitches.
When This Guide Does NOT Apply
This is a preventive and verification resource, not a fund-recovery service. If you've already lost money and need step-by-step recovery help, see our reporting and evidence guides instead. Readers specifically researching celebrity deepfake ad scams should start with our celebrity impersonation coverage — this article focuses on fraudulent platforms, not manipulated endorsements. If you already cross-check every exchange against the FCA Warning List, SEC, and corporate registries before depositing, you're past this guide's baseline. And if you're chasing a single named token's on-chain rug-pull mechanics rather than imposter exchanges and wallets, this list won't cover that scenario.
Frequently Asked Questions
Is there an official government list of crypto scams?
No single global registry exists. The FTC, SEC, FCA, and ASIC each publish separate warning lists, but coverage gaps remain. Regulatory silos mean a scam shut down in one jurisdiction often relocates. Aggregator resources like CryptoKiller's tracking of 12,268 scam brands fill that fragmentation by consolidating reports across jurisdictions and victim disclosures that regulators may not yet have indexed.
How often is this crypto scam list updated?
The list absorbs new victim reports and regulatory alerts on a rolling basis, with formal audits at least monthly to refresh platform statuses and add emerging investigations. This cadence reflects the velocity at which scammers rotate domains and rebrand. Updates are timestamped so readers can verify freshness before relying on a listing to assess risk.
What should I do if I already sent money to a platform on this list?
Halt deposits immediately. Document every transaction, message, and login attempt. File reports with the FTC and FBI IC3 within days — speed affects chargeback eligibility on fiat transfers. Contact your bank and any payment processor used. Notify the platform's hosting provider and domain registrar. Do not attempt to negotiate or pay additional fees; doing so deepens loss.
How much money have people lost to crypto scams?
The FTC reported over $1 billion in consumer losses between 2021 and mid-2022 alone. Global losses since then exceed tens of billions annually across all reported cases. Real totals are higher — many victims never report. Pig butchering scams and fake exchanges account for the majority of reported dollar volume in recent years.
Can a crypto platform be removed from this scam list?
Yes. Platforms can be delisted if operators provide verifiable evidence of legitimacy that withstands review, or if investigation confirms the operation is shut down with no ongoing victim exposure. Removals are rare and documented. Most entries transition to archived status rather than full deletion, preserving the record for victims researching historical incidents.
How do fake crypto exchanges avoid being shut down quickly?
Operators rotate domains weekly, operate through offshore shell companies, and clone regulatory license numbers to appear legitimate. App store violations trigger swift takedowns, so scammers migrate to new branding before enforcement action lands. This churn extends operational windows from weeks to months, prolonging victim exposure and complicating law enforcement coordination across jurisdictions.
What is a pig butchering scam and why does it dominate this list?
Pig butchering is long-term social engineering — typically initiated via dating apps or messaging platforms — where scammers pose as romantic interests and gradually persuade victims to deposit escalating sums into fake exchanges. Once deposits reach target thresholds, access is revoked and the account disappears. This method dominates recent statistics because it bypasses technical skepticism through emotional manipulation.