Fake Airdrop Scams on X (Twitter)
How fake cryptocurrency airdrop scams spread through X using compromised verified accounts, reply spam, and promoted posts to drain wallets.
Part of: Fake Airdrop Scams
Last reviewed: 1 June 2026
X's architecture of public posts, verified accounts, and reply threading makes it the leading platform for fake airdrop fraud. A single compromised verified account can reach millions of followers with a convincing airdrop promotion before the account owner regains control.
The combination of X's real-time culture, FOMO-driven crypto audience, and the platform's history of high-profile account compromises makes airdrop scams on X uniquely dangerous compared to other social platforms.
How this scam works on X
Compromised verified accounts — often belonging to celebrities, politicians, or well-known crypto figures — post airdrop announcements directing followers to a wallet-connection page. The page requests wallet signature approval that either drains the connected wallet immediately or grants ongoing token transfer permissions.
Reply scams involve bot accounts flooding the replies of legitimate crypto project announcements with airdrop links, mimicking the official account name and avatar closely enough that casual inspection does not reveal the difference. Promoted post scams run paid advertising for fake airdrops targeting users who have interacted with crypto content.
Some operations create new verified accounts purchasing legacy checkmarks, then run coordinated posting campaigns with fake social proof — thousands of bot replies claiming to have received the airdrop successfully.
Common red flags
- Airdrop announcement from a verified account that seems out of character for that person
- Wallet connection request on an airdrop site that asks for token approval permissions
- Reply to a crypto project post from an account with a near-identical name to the official project
- Promoted post for an airdrop with a URL that does not match the official project domain
- Airdrop requiring you to send crypto first to receive a larger amount in return
How to protect yourself
- Never connect your main wallet to any airdrop site — use a separate wallet with minimal holdings
- Verify airdrop announcements directly on the official project website, not via X links
- Review all wallet connection permission requests carefully before approving
- Use a hardware wallet for significant crypto holdings — it cannot be drained by a web signature
- Revoke unnecessary wallet approvals regularly using tools like revoke.cash
How to report it
- Report the post to X using the flag function and selecting 'Misleading financial information'
- Report wallet-drainer websites to your national cybercrime authority
- If your wallet was drained, report to the FBI IC3 with transaction hash details
Frequently asked questions
How do I know if an airdrop on X is legitimate?
Verify the airdrop on the official project website accessed directly via your browser — not through X links. Legitimate airdrops do not require wallet signature approvals that grant spending permissions, do not ask you to send crypto first, and are announced on multiple verified official channels simultaneously. If in doubt, do not connect your wallet.