Fake Exchange Support Scams Targeting ETH & Stablecoin Users
Impersonators posing as exchange support staff steal Ethereum wallets or on-exchange balances of ETH and stablecoins through fake account recovery processes.
Part of: Fake Crypto Exchange Support Scams
Last reviewed: 1 June 2026
ETH and stablecoin balances on centralised exchanges are prime targets for fake support scams because exchanges hold large pools of user funds in custodial wallets. Fraudsters impersonating exchange support staff aim to obtain login credentials or instruct victims to move funds to a 'secure wallet' — which they control.
Stablecoins on exchanges represent particularly attractive targets because their value is predictable and they can be withdrawn globally to any address the attacker controls.
How this scam works on Ethereum & stablecoins
An exchange user posts on Reddit about a pending USDC withdrawal that is delayed. A fake support agent responds in minutes, directing them to a lookalike support portal that harvests their login credentials and two-factor authentication codes. The attacker withdraws all ETH and stablecoins immediately.
Some impersonators call users directly, claiming to be from the exchange's fraud department. They warn that the user's USDT is at risk from a suspicious transaction and walk them through 'moving it to a secure address' that the attacker controls.
Fake exchange apps on third-party download sites harvest credentials on login and drain any ETH or stablecoin balance within the session.
Common red flags
- Support contact initiated via reply to your social media post rather than your opening a ticket
- Agent asks for your login credentials, 2FA code, or withdrawal confirmation code
- You are advised to send ETH or stablecoins to an external 'secure' address to protect them
- The support URL differs from the exchange's official domain
- Agent creates urgency by claiming a pending exploit will drain your account
- Support app downloaded from outside the official app store
How to protect yourself
- Only contact exchange support through the official website — never via a link someone else provides
- Enable withdrawal address whitelisting so new addresses require a 24-hour confirmation period
- Never share 2FA codes or withdrawal codes with anyone
- Store substantial ETH and stablecoin holdings in a self-custody wallet, not solely on an exchange
- Use a hardware security key for exchange 2FA rather than SMS or authenticator apps where possible
- Report any suspicious social media accounts impersonating your exchange immediately
How to report it
- Report the impersonation account and URL to the exchange's verified security contact
- File a cybercrime report with your national authority including all transaction hashes
- Submit the attacker's on-chain addresses to blockchain threat intelligence services
Frequently asked questions
Can an exchange reverse a stablecoin withdrawal made by a scammer on my account?
On-chain transfers cannot be reversed. However, if the attacker is withdrawing to another centralised exchange, reporting immediately may result in the receiving exchange freezing the deposit. Contact your exchange's security team at once and file law enforcement reports to support any freeze request.