Crypto Scam Terms Explained: Your Guide to Fraud Tactics and Defenses

By · Published 2026-07-06 · 1940-word read

How this was created

How this article was created: This guide was drafted with AI assistance (claude-opus) on 2026-07-06 and edited under the P. Nair byline. Statistics attributed to CryptoKiller come from our ad-surveillance platform (measured data, not AI output); external claims cite their sources inline. Source URLs are machine-verified before publication and the draft must pass an automated quality audit before going live. Report errors to corrections@cryptokiller.org.

Scammers weaponize obscure crypto scam terms to obscure theft. This glossary decodes 97k ad creative patterns across 12k fraudulent brands, explaining rug pulls, pig butchering, smart-contract traps, and wallet attacks—then shows you what to do when you spot them.

Person examining suspicious cryptocurrency transaction on laptop screen with warning indicators visible
Image: CryptoKiller editorial illustration

Key Takeaways

  • Rug pulls, soft rugs, and exit scams differ in timing and whether founders pretend legitimacy.
  • Pig butchering uses fabricated relationships and fake trading apps to extract money over months.
  • Honeypots, backdoors, and infinite mints trap your wallet; you send funds but cannot withdraw.
  • Pump-and-dump and wash trading inflate prices artificially before insiders cash out.
  • Address poisoning, dusting, and clipboard hijacking steal funds at the wallet level.
  • If scammed: document everything, report to the platform and blockchain analyzer, never trust recovery promises.
Hands analyzing cryptocurrency glossary and terms with magnifying glass on paper desk
CryptoKiller editorial illustration

Why Scammers Rely on Confusing Jargon

Jargon is the con man's velvet rope. Learn the crypto scam terms and half the trick collapses on contact.

Scammers weaponize vocabulary to fake authority. "Yield optimization." "Liquidity provisioning." "Zero-knowledge staking rollups." Nobody knows what it means. That's the point. Words that sound engineered by MIT dropouts imply competence you never verified.

Unfamiliar terms also silence the one question that saves victims: "What does that actually mean?" People nod along rather than admit ignorance. The scammer counts on your embarrassment. Remarkable how shame does the heavy lifting.

Across 96,709 ad creatives analyzed, the same borrowed dictionary recurs — technical enough to intimidate, vague enough to promise anything.

How does knowing the vocabulary help?

Knowing the terminology breaks the manipulation cycle. Once you can translate "guaranteed APY" into "nonsense," the spell ends. The FTC notes only scammers demand payment exclusively in cryptocurrency — plain language, no jargon required.

Understand the words. Watch the pitch dissolve. The usual pattern.

Three-track timeline showing instant liquidity drain, weeks-long bleed, and slow abandonment
Three-track timeline showing instant liquidity drain, weeks-long bleed, and slow abandonment
Smartphone screen showing empty cryptocurrency wallet after suspicious transaction
CryptoKiller editorial illustration

Rug Pull, Exit Scam, and Soft Rug: What Is the Difference?

The difference is timing and theatrics. A rug pull drains liquidity instantly. An exit scam bleeds funds slowly. A soft rug abandons the project while the website still promises a "roadmap." Three flavors of the same disappearance act.

The hard rug

Rug pulls happen at the speed of a smart contract. Developers seed a liquidity pool, hype the token, then withdraw every dollar the moment retail buys in. Squid Game token, AnubisDAO, Meerkat Finance — same script, different logos. Warning signs precede all of them: locked-liquidity claims nobody verified, anonymous teams, contract functions that let deployers mint or drain at will. Remarkable how often "audited" means "we posted a PDF."

Exit scams and soft rugs

Exit scams take patience. The team collects deposits, posts "partnership announcements," then evaporates over weeks. Thodex, QuadrigaCX, Africrypt — funds gone, founders on a plane.

Soft rugs are the cowards' version. No dramatic drain. Just declining GitHub commits, unanswered Discord tickets, and a token quietly sliding to zero while marketing keeps posting. Death by neglect, dressed as "building."

CryptoKiller's analysis of 12,237 scam brands shows the same abandonment patterns recycled across 96,709 ad creatives. Different ticker. Identical ending.

Another day, another "community-driven" project with a suspiciously mobile treasury. The usual pattern.

Funnel diagram tracing romance grooming, fake dashboard pivot, and repeating fee extraction
Funnel diagram tracing romance grooming, fake dashboard pivot, and repeating fee extraction

What Is Pig Butchering and How Does the Script Work?

Pig butchering is a romance-investment fraud where scammers fatten a victim emotionally before slaughtering their savings. The Chinese term sha zhu pan translates literally to "pig butchering plate." Charming.

The script runs on a fixed timeline. A stranger messages you — wrong number, mutual friend, dating app match. Weeks of warmth follow. No investment pitch yet. Just breakfast photos and good-morning texts. The grooming is the point.

Then the pivot. Your new confidant mentions a "trading opportunity" that changed their life. You're directed to a slick platform showing your deposit magically compounding. Fabricated profits, rendered in convincing dashboards. The SEC has flagged exactly these fraudulent trading platforms for years.

Why the Withdrawal Never Comes

Withdrawals always fail. This is the structural feature, not a bug. Try to cash out your "gains" and a fee appears. Pay it, another fee appears — "taxes," "verification," "unlock charges." The extraction continues until the victim runs dry or wises up.

The FTC's guidance stays blunt: only scammers demand payment in cryptocurrency. Every legitimate broker on Earth manages to accept a bank transfer.

CryptoKiller's analysis of 96,709 ad creatives shows the same funnel repeated across the 12,237-brand portfolio. Different names, identical mechanics.

The emotional buildup, the fake dashboard, the endless fees. Three acts, one ending.

Another day, another slaughterhouse with a login page.

Token analyzer output flagging a honeypot contract that blocks sells
Token analyzer output flagging a honeypot contract that blocks sells

Smart-Contract Traps: Honeypot, Backdoor, and Infinite Mint Explained

Honeypot contracts let you buy and quietly forbid you from ever selling. You watch the chart climb. You click sell. The transaction reverts. Congratulations, you own a token forever.

Three traps dominate the genre: honeypots, backdoors, and infinite mint. Each is a few lines of Solidity separating your wallet from your money.

How each trap is coded

Honeypot. A hidden condition in the transfer function blocks every address except the deployer. Buys sail through. Sells fail. The "liquidity" was never yours to leave with.

Backdoor. The deployer keeps an owner-only function — pause trading, blacklist holders, drain the pool. Marketing calls it "renounced ownership." The code disagrees.

Infinite mint. No supply cap. The deployer summons a trillion new tokens, dumps them, and the price finds a new home near zero. Standard.

How to spot them free

Token sniffers like Token Sniffer and Honeypot.is simulate a sell before you commit real funds. Read the mint function. Check whether ownership is genuinely burned or just claimed to be. Meme tokens and freshly deployed ERC-20s are the usual weapons.

CryptoKiller's analysis across 96,709 ad creatives shows these contracts arrive wrapped in the same "100x guaranteed" promos. Average threat score sits at 7/100.

Another day, another unsellable jackpot. Only in crypto.

Wallet history diagram highlighting near-identical first and last four characters of a spoofed address
Wallet history diagram highlighting near-identical first and last four characters of a spoofed address

How Do Pump-and-Dump and Wash Trading Inflate Token Prices?

Pump-and-dump schemes inflate token prices through coordinated buying, then collapse them when the organizers dump on the retail crowd they recruited. The mechanics are older than crypto. Only the venue changed.

A Telegram or Discord channel promises a "coordinated buy" at a fixed timestamp. Members rush in. Price spikes. The organizers — who accumulated hours earlier — sell into the frenzy. The CFTC flagged this exact choreography in its pump-and-dump advisory, noting that insiders profit while latecomers hold the bag. Another day, another "community moonshot."

What Is Wash Trading?

Wash trading fakes volume by having the same wallet, or a ring of colluding wallets, trade an asset back and forth with itself. No real buyer exists. The chart shows activity. The activity is theater. NFT markets adopted the tactic enthusiastically — a token "selling" ten times in an hour, always between two friendly addresses.

Both tactics exploit the transparency paradox. On-chain data is fully visible, yet nearly impossible to act on before the dump completes. You can watch the fraud in real time and still lose.

Across 96,709 ad creatives analyzed, the recruitment funnels for these schemes follow a template: urgency, a countdown, a "guaranteed" pump. Retail investors end up holding worthless assets. The organizers move to the next ticker.

Remarkable. The usual pattern.

Bar chart contrasting fake theatrical volume against near-zero genuine trades
Bar chart contrasting fake theatrical volume against near-zero genuine trades

Address Poisoning, Dusting, and Clipboard Hijacking: Wallet-Level Attacks Defined

These three attacks skip the fake-celebrity theater entirely and rob you at the transaction layer. No romance. No "guaranteed 300% returns." Just your own clipboard betraying you.

How does address poisoning work?

Address poisoning plants a near-identical wallet address in your transaction history. Scammers send you a tiny amount from a lookalike address — same first four characters, same last four. Later, you copy the wrong one from your history and send funds to the attacker. Remarkable. You robbed yourself, from muscle memory.

What are dusting and clipboard hijacking?

Dusting sprinkles micro-transactions across thousands of wallets to de-anonymize activity — linking addresses, probing which are active, mapping who owns what. The "dust" itself is worthless. The surveillance isn't.

Clipboard hijacking is the quiet one. Malware watches your clipboard, detects a copied wallet address, and swaps it for the attacker's before you paste. You never see the switch. The transaction confirms. The funds vanish.

Three defenses, no exceptions:

  1. Verify the full address, not the first and last four.
  2. Use address book whitelists, never transaction history.
  3. Send a test amount before anything large.

CryptoKiller's analysis spans 96,709 ad creatives — but these attacks need no ad. Only in crypto.

What Should You Do If You Encounter a Scam Using These Tactics?

Report the scam to the FTC at ReportFraud.ftc.gov and the FBI at IC3.gov immediately. Both channels feed the same investigators who already know the playbook. You're report number several-thousand this month. Feel special.

Preserve everything before the scammer vanishes:

  • Wallet addresses and transaction hashes — the blockchain remembers even when the "support agent" ghosts you
  • Screenshots of every promise, every fake dashboard, every "withdrawal pending"
  • Communication logs from Telegram, WhatsApp, or wherever the romance blossomed

Contact your bank if fiat funded the crypto sent to scammers. Chargebacks recover funds when the deposit used a card and you move fast. The window closes quickly.

The FTC's guidance is blunt: only scammers demand payment in cryptocurrency — for utilities, blackmail threats, or "charity donations" — according to FTC Consumer Advice. No legitimate entity insists on Bitcoin.

CryptoKiller's analysis of 96,709 ad creatives shows the same three tactics recycled endlessly. Report it anyway. Your evidence helps the next target skip the lesson.

Another day, another wallet address to document. The usual pattern.

When This Guide Does NOT Apply

Already lost funds to one of these schemes — this glossary is preventive; for clawback steps, see the crypto scam recovery guide instead. Researching a specific celebrity deepfake ad rather than terminology — that's a different investigation; wallet-level attacks and rug pulls aren't the same as impersonation. Auditing smart contracts professionally — you already read Solidity mint functions for a living, so honeypot basics won't help you. And if you're hunting the legitimate etymology of DYOR or WAGMI for a linguistics paper, this documents how scammers weaponize the slang, not its wholesome origins. Everyone else decoding jargon before it costs them: read on.

P. Nair — investigates cryptocurrency fraud at CryptoKiller.

Frequently Asked Questions

What is a rug pull in crypto?

Developers drain the liquidity pool and vanish, leaving token holders with worthless digital confetti. The exit strategy was always baked in. Token price collapses to zero. Investors discover their holdings are now a souvenir of optimism. Remarkable how predictable the pattern remains.

What does honeypot mean in crypto scams?

Smart contracts coded to accept your money but reject your sales orders. Buy in. Never sell out. Funds lock inside the contract forever, mathematically trapped. Only in crypto does a financial prison get branded with cute terminology. The code simply says no.

What is pig butchering in cryptocurrency fraud?

Romance scammers invest weeks building fake relationships before directing victims to counterfeit trading platforms. The emotional fattening precedes the slaughter. Victims deposit funds into fake wallets controlled by the con. By the time the pig notices the abattoir, the operator has vanished with deposits.

How can I tell if a crypto token is a pump-and-dump?

Sudden volume spikes with zero news. Heavy Telegram promotion from anonymous accounts. A handful of wallets controlling most supply. Price climbs on hype alone. Exit happens fast. The pattern repeats so consistently it reads like choreography. Watch for urgency language and coordinated shilling.

What is address poisoning and how do I avoid it?

Scammers send micro-transactions from addresses mimicking your frequent contacts, betting you'll copy the wrong one. Verify every character of long addresses before sending. Clipboard hijacking exploits the same laziness. Slow down. Read the full string. Sloppy verification is the scammer's only tool.

Is crypto slang used differently by scammers versus legitimate communities?

Scammers weaponize legitimate phrases—DYOR, WAGMI, diamond hands—to sound credible while pressuring you into rushed decisions. Context reveals the fraud. Real due diligence takes time. Scammers demand speed. Urgency plus jargon equals con. Watch who's actually encouraging thought versus who's demanding action now.

Where do I report a crypto scam in the United States?

File with the FTC at ReportFraud.ftc.gov, FBI's IC3.gov, and the CFTC at cftc.gov/complaint. Three agencies. One outcome: your report joins thousands of others. Recovery odds remain grim. Reporting stops future victims from the same operator. Do it anyway. Documentation matters.

Sources

  1. Only scammers demand utility payments in cryptocurrency — FTC Consumer Advice
  2. Scam emails demand Bitcoin, threaten blackmail — FTC Consumer Advice
  3. Donating with crypto? Watch out for scams — FTC Consumer Advice
  4. Crypto Scam Reports — FBI Internet Crime Complaint Center (IC3)
Add CryptoKiller as a preferred source on Google

Prioritize CryptoKiller's scam investigations in your Google results.

Back to blog