Real Crypto Exchange Support vs Fake-Support DM
How to tell a genuine exchange support interaction from a fraudulent direct message posing as customer service in order to steal your funds or credentials.
Last reviewed: 1 June 2026
Cryptocurrency exchanges never send unsolicited direct messages offering support. Fraudsters monitor exchange-related hashtags, Discord servers, Telegram channels, and Reddit threads for users reporting problems, then contact them privately claiming to be official support. The goal is always to access your wallet, seed phrase, or account credentials.
Side-by-side comparison
| Genuine crypto exchange support | Fake support DM or impersonator | |
|---|---|---|
| How support is initiated | You contact the exchange through their official website's verified support portal, live chat widget, or email listed on their domain | Support contacts you first via Twitter DM, Discord, Telegram, or Reddit private message in response to a public complaint you posted |
| Account access requests | Support asks you to verify identity through your account settings or via official identity verification — never asks for your password or seed phrase | Asks you to share your password, private key, recovery seed phrase, or to connect your wallet to an external site to 'restore access' |
| Verification process | Account verification is handled within your account portal — logging in, uploading ID, confirming via registered email | Asks you to paste your seed phrase into a form, connect your wallet to an external site, or share your screen |
| Communication channel | All official communications originate from the exchange's verified domain (e.g. [email protected]) or official in-app messaging | DM comes from an account with a username resembling the exchange's but with subtle differences (extra underscore, number suffix) |
| Resolution approach | Issues are resolved through documented processes — account review, KYC re-submission, or email ticket — with a reference number | Promises immediate resolution if you take a specific action 'right now', creating urgency to prevent you from pausing to verify |
Common red flags
- Support contact was initiated by someone else, not by you through official channels
- Request for your seed phrase, private key, or wallet recovery phrase under any circumstances
- Request to connect your wallet to an external website to 'verify' or 'restore' your account
- Support agent is communicating via Telegram, Discord, or Twitter DM rather than an official support ticket system
- Urgency language suggesting your funds are at risk unless you act immediately
Verification steps
- Open a support ticket directly through the exchange's official website — type the URL yourself rather than clicking any link
- Check the exchange's verified social media accounts for warnings about impersonators
- Never share your seed phrase with anyone — a legitimate exchange has no mechanism that requires it
What not to do
- Do not share your seed phrase, private key, or wallet password with any 'support' contact
- Do not connect your wallet to any external site recommended by someone in a DM
- Do not follow support instructions received via Telegram, Discord, or Twitter DM without verifying through the official website
A safe response
If someone claiming to be exchange support has contacted you unsolicited, do not engage further. Open a ticket through the exchange's official website to report the impersonation and to address any genuine account issue. If you have shared credentials, revoke access immediately and secure your account.
Frequently asked questions
An account with the exchange's official name reached out to me on Twitter — is it real?
Probably not. Twitter allows any account to use any display name; the username (handle) is what identifies an account uniquely. Cross-check the handle against the exchange's official verified account linked from their website. Official exchanges do not initiate support via DM.
I gave my seed phrase before I realised — what should I do?
Act immediately. Transfer all assets from the compromised wallet to a brand-new wallet you have just created, before the scammer does. Your current wallet should be treated as fully compromised — any assets remaining are at risk of being drained at any moment.