Loading…
Loading…
Page 26 of 41.
Criminals pose as tax authorities or Cash App representatives, claiming a tax refund has been deposited to the victim's Cash App account and that a verification payment or sign-in code is required to release it — a classic advance-fee twist on the tax-refund scam.
BrandScammers posing as customers contact small businesses, send fake Zelle payment screenshots, and pressure the business to ship goods or provide services before the payment actually clears — relying on the fact that a screenshot proves nothing.
BrandScammers impersonating PayPal instruct victims to purchase gift cards and read out the codes to 'pay' a fabricated fee, debt, or security hold on their PayPal account — a demand that the real PayPal would never make.
BrandCriminals send emails impersonating Wise's compliance team, claiming the victim's account has been suspended pending identity re-verification, and directing them to an external site that harvests passport details, selfies, and banking credentials.
BrandFraudsters impersonating Revolut's fraud team instruct account holders to transfer their balance to a 'Revolut-secured holding account' to protect it during an alleged security investigation — a classic safe-account scam using Revolut's own transfer infrastructure.
BrandCriminals create fake Robinhood referral pages or social-media posts claiming users can receive free shares of a popular company by signing up or verifying their existing account — leading to a phishing page or a cryptocurrency scam tied to a fake 'Robinhood token'.
BrandCriminals send emails or texts mimicking bank password-reset notifications, claiming the victim's online banking password was just changed by an unknown device and instructing them to click a link to 'undo the change' — delivering them to a credential-harvesting page.
BrandFraudsters send fake PayPal order-confirmation or payment-sent notifications for transactions the victim never made, then provide a 'cancel this payment' link that leads to a credential-harvesting page or a fake PayPal customer-service number.
BrandCriminals send emails or texts claiming a Cash App account has been suspended for suspicious activity and direct users to a phishing site or fake support number to restore access — harvesting sign-in codes and payment details in the process.
BrandFraudsters send texts or emails mimicking a victim's own bank, claiming a government stimulus or relief payment has been deposited and can be accessed by clicking a link — a phishing attack that harvests banking credentials under the cover of a benefit.
BrandCriminals impersonating PayPal's fraud team instruct account holders to withdraw their PayPal balance and wire it to a 'PayPal-secured holding account' to protect funds during a fabricated security investigation — a safe-account scam using PayPal's trusted name.
BrandFraudsters place outbound calls claiming to be PayPal's customer service team, referencing supposed disputes, high-risk transactions, or account holds, then collect login credentials or OTPs to take over the account while the victim believes they are receiving help.
BrandScammers impersonating Cash App's fraud team tell users their account is at risk and that sending their balance to a 'Cash App safety wallet' or 'verified secure $Cashtag' will protect their funds — a safe-account scam dressed in Cash App branding.
BrandCriminals who possess a victim's linked phone number or email address attempt a Cash App login, which triggers a real sign-in code, then contact the victim under a pretext to get them to read out that code — instantly unlocking full account access.
BrandBecause Zelle has no standalone consumer app support channel separate from users' banks, scammers exploit the gap by advertising fake Zelle helpline numbers online — catching users who search for help and tricking them into handing over banking credentials.
BrandCriminals create fake bank-login pages branded with Zelle's logo and claim the victim must verify their Zelle account to prevent it being taken over — a credential-harvesting attack that provides full online banking access, not just Zelle access.
BrandFraudsters send emails claiming Stripe has placed a hold on the merchant's next payout due to a compliance review and direct them to a fake Stripe dashboard to resolve it — harvesting login credentials and 2FA codes to take over the Stripe account.
BrandCriminals send developer-targeted emails mimicking Stripe's security alerts or API documentation updates, directing technical staff to a fake Stripe developer portal that collects live API secret keys — giving immediate programmatic access to the merchant's Stripe account.
BrandFraudsters impersonating Wise's fraud team tell account holders that their multi-currency balance is at risk and must be transferred to a 'Wise-secured account' before it is frozen — exploiting Wise's cross-border transfer capability to move funds internationally and out of reach.
BrandCriminals set up fake Wise support chat widgets on lookalike websites or social media, posing as Wise agents to collect login credentials and OTPs from users who believe they are receiving official in-app support.
BrandCriminals contact Revolut users claiming a new device needs to be removed from the account for security, then walk them through steps that actually authorise the attacker's device — granting persistent access to the Revolut account without any further OTPs.
BrandCriminals send emails mimicking Revolut's password-reset notification format, claiming the victim's PIN or passcode was just changed and providing a link to 'undo the change' that leads to a credential-harvesting page masquerading as the Revolut app login.
BrandFraudsters create fake Robinhood support websites and social-media accounts, posing as customer-service agents to collect brokerage account credentials and 2FA codes from investors seeking help with trading or account issues.
BrandCriminals send fake Robinhood password-reset emails claiming the victim's brokerage account password was just changed and directing them to a phishing page to 'undo' the change — capturing login credentials and potentially 2FA codes in a real-time takeover attempt.
BrandCriminals posing as a bank's fraud team call customers and instruct them to wire their savings to a 'safe account' to protect them from a fabricated ongoing fraud — a scam that has cost bank customers significant financial losses across many countries.
BrandCriminals create fraudulent bank-support phone numbers that appear in search results or are shared on social media, waiting for customers seeking help with online banking issues to call — then harvesting credentials and initiating fraudulent transfers during the 'support' call.
BrandCriminals who have obtained a victim's banking login credentials call posing as the bank's fraud department and, citing a 'security check', trick the victim into reading back the one-time passcode the bank just sent — completing an account takeover or fraudulent transfer in real time.
BrandCriminals build pixel-perfect replicas of popular bank online-banking portals and drive victims to them via SMS, email, or search-engine ads — harvesting full login credentials, security answers, and OTPs to take over accounts.
BrandScammers send fake PayPal billing notices claiming that a subscription or service fee will be automatically charged and inviting recipients to cancel via a link — leading to a credential-harvesting page that captures PayPal login details.
BrandAttackers use email and password combinations from previous data breaches to attempt automated PayPal logins, then phone victims claiming to be PayPal security to harvest the OTP needed to complete the takeover — blending technical and social-engineering techniques.
BrandCriminals send fake Cash App payment-request links via SMS, email, or social media that lead to a phishing page styled as the Cash App login — collecting sign-in codes to take over accounts under the pretence of processing a legitimate payment.
BrandScammers impersonating Cash App claim users owe a fee, tax, or verification payment that must be paid by purchasing gift cards and sharing the codes — mirroring the classic gift-card demand scam but using Cash App's name to add apparent urgency and legitimacy.
BrandCriminals posing as Stripe's risk team tell merchants that a large wave of chargebacks requires immediate funds to be deposited into a 'Stripe reserve account' — a safe-account variant targeting small businesses whose revenue depends on Stripe payouts.
BrandCriminals send fake Stripe dashboard-password reset emails to merchants, directing them to a phishing page that captures the new password and 2FA code — giving attackers authenticated access to the live Stripe dashboard and its customer data and payout settings.
BrandAttackers send phishing emails that capture Wise login credentials, then immediately use them to change the registered email address — locking the real account holder out and taking full control before any OTP challenge can be received.
BrandFraudsters who hold a victim's Wise login credentials call or text claiming Wise's 2FA system needs to be re-verified, talking the victim into sharing the OTP that Wise just sent — completing the account takeover the attacker was blocked from finishing alone.
BrandCriminals send SMS or email alerts mimicking Revolut's payment-notification format, claiming a large outgoing payment was just made from the account, with a link to dispute it — leading to a credential-harvesting page that replicates Revolut's app login screen.
BrandFraudsters create convincing fake Revolut support accounts on Twitter/X, Instagram, and Facebook that respond to customers who post about problems publicly, gathering credentials and OTPs from users who believe they are receiving genuine Revolut help.
BrandFraudsters posing as Robinhood's security team tell investors that their brokerage account has been compromised and that all holdings must be liquidated and transferred to a 'Robinhood-secured custodial account' — a safe-account scam targeting retail investors' entire portfolios.
BrandCriminals send SMS or email alerts mimicking bank transaction notifications, claiming a large subscription payment was just deducted, and directing victims to a phishing page to dispute or cancel it — harvesting banking credentials under the guise of consumer protection.
BrandScammers impersonating a victim's bank over the phone trigger a Zelle-related OTP to the victim's device and, posing as a fraud specialist, persuade the victim to share that code — instantly authorising a fraudulent Zelle transfer before the victim realises what happened.
BrandCriminals pose as a bank's Zelle support team, claiming to process a refund from a cancelled service or fraudulent charge via Zelle — then manipulate the victim into sending money rather than receiving it through a bank-app navigation trick.
BrandScammers impersonating Wise's compliance or verification team instruct international users to purchase gift cards and share the codes to clear a supposed verification fee or account restriction — a gift-card demand scam that exploits Wise's cross-border reputation.
BrandCriminals who cannot intercept a Cash App sign-in code by social engineering instead perform a SIM swap — transferring the victim's phone number to a SIM they control — so that Cash App's SMS-based sign-in codes arrive to the attacker's device rather than the victim's.
BrandCriminals send emails mimicking bank purchase-confirmation notifications for large orders victims never made, with a bank-branded 'cancel this order' link that harvests online banking credentials — using the bank's authority to lend credibility to a fake e-commerce notification.
BrandCriminals intercept or spoof B2B payment communications and substitute fraudulent Zelle account details for the legitimate payee's, diverting invoice payments to an attacker-controlled bank account before the substitution is discovered.
BrandCriminals send fake Robinhood Gold renewal notices to brokerage account holders claiming an annual fee will be automatically charged, and provide a 'cancel subscription' link leading to a phishing page that harvests Robinhood account credentials.
BrandCriminals impersonating a victim's own bank call to claim an account has been flagged for fraud or money laundering and demand that the victim purchase gift cards as an 'asset freeze' or 'security deposit' — a gift-card drain scam using the bank's authority to add pressure.
BrandScammers impersonating Wise contact account holders claiming a recently sent transfer can be cancelled and refunded, then guide them through steps that actually initiate a new outgoing transfer rather than receiving a refund.
BrandCriminals pose as Binance customer support agents to gain account access or extract funds. Binance will never DM you first on Telegram or ask for your login credentials.
BrandFraudsters clone the Binance brand to promote fake crypto giveaways, promising to double coins sent to a wallet address. Binance has never run a 'send us crypto and get double back' promotion.
BrandAttackers pose as Binance to trick users into revealing their wallet seed phrases under the guise of account verification or wallet linking. No exchange — including Binance — will ever need your seed phrase.
BrandCriminals impersonate Coinbase support to take over accounts or steal funds. Coinbase's real support is ticket-based; the company will never call you unsolicited and ask for your password or 2FA code.
BrandScammers use the Coinbase name and logo to promote fake crypto giveaways on social media and via email. Coinbase has never offered a promotion where sending crypto results in double the amount being returned.
BrandFraudsters create fake MetaMask sites and pop-ups that trick users into signing malicious transactions, instantly emptying their wallet. MetaMask never asks you to re-enter your seed phrase to fix an error.
BrandAttackers build near-identical MetaMask interfaces to harvest users' 12-word secret recovery phrases. Once obtained, the phrase gives permanent, irreversible access to every asset in the wallet.
BrandIce-phishing attacks trick MetaMask users into signing transactions that grant attackers permission to drain their tokens — without ever stealing the seed phrase. The wallet key remains intact while assets are lost.
BrandScammers send physical mailers and emails to known Ledger customers claiming their device has been compromised, directing them to a fake 'Ledger Live' download that steals their seed phrase. Ledger will never mail you asking to validate your device.
BrandCriminals send fake Ledger security alerts directing users to enter their 24-word recovery phrase on lookalike sites. No Ledger process — including genuine firmware updates — ever requires entering the recovery phrase online.
BrandFraudulent 'recovery services' impersonate Ledger support to charge fees for recovering supposedly lost crypto, then steal whatever remains in the wallet. No legitimate recovery service needs your seed phrase.
BrandCriminals send emails and messages claiming Trezor accounts require urgent revalidation, directing victims to fake Trezor Suite pages designed to capture their recovery seed. Trezor Suite never asks for the recovery seed in-app.
BrandScammers mimic Trezor's interface and communications to trick users into typing their recovery seed into a fraudulent form. The recovery seed should only ever be entered on the Trezor physical device itself.
BrandAttackers build convincing OpenSea clones or inject malicious signature requests into NFT listings to drain connected wallets. OpenSea will never ask you to sign a transaction unrelated to a specific sale or purchase you initiated.
BrandCriminals fake OpenSea airdrop announcements to lure NFT holders into connecting wallets on drainer sites. OpenSea does not run token airdrops requiring wallet connections to third-party claim pages.
BrandFraudsters impersonate Kraken customer support via phone, email, and social media to steal account credentials or authorize fund transfers. Kraken's real support operates through kraken.com's help system — not through unsolicited calls.
BrandScammers create fake Kraken staking promotions promising extraordinary yields, directing victims to deposit crypto in exchange for returns that never arrive. Kraken's real staking yields are displayed transparently in the official app.
BrandCriminals combine phishing, SIM swapping, and social engineering to take over Coinbase accounts and liquidate holdings. Understanding Coinbase's security layers helps identify when something unusual is happening.
BrandAttackers send fake Binance password-reset emails to capture login credentials or 2FA codes. Genuine Binance password-reset emails always include your personal anti-phishing code and never embed a button asking you to confirm a reset you did not request.
BrandFraudsters send fake Coinbase account-suspension emails to panic users into submitting credentials on phishing pages. Coinbase suspensions are communicated through in-app notices and official email — never via links demanding immediate re-verification.
BrandClipboard-hijacking malware targets MetaMask users by silently replacing copied wallet addresses with attacker-controlled ones at the moment of pasting. Installing MetaMask from any source other than the official browser store is a primary infection vector.
BrandScammers announce fake celebrity NFT collections using OpenSea's branding to draw buyers to drainer sites. OpenSea's actual listing and verification process does not guarantee a collection is from the person it claims.
BrandScammers send fake Coinbase 'subscription' or 'fee' renewal emails to trick users into clicking phishing links or calling fake support numbers. Coinbase does not charge a subscription fee for standard accounts.
BrandFraudsters invent fake Kraken token distributions to lure users into depositing crypto or connecting wallets to drainer sites. Kraken does not distribute free tokens requiring wallet connections to external claim pages.
BrandCriminals pose as Trezor support agents on Reddit, Twitter, Discord, and Telegram to guide users through 'troubleshooting steps' that lead to seed-phrase disclosure. Trezor's official support operates only through trezor.io/support.
BrandCriminals construct fake OpenSea listing flows that trick NFT owners into signing EIP-712 orders transferring their assets at zero price. Understanding what OpenSea's genuine listing signature looks like is the key defense.
BrandAttackers chain phishing, OTP interception, and API key theft to seize Binance accounts and drain holdings in minutes. Enabling Binance's withdrawal whitelist and authenticator-app 2FA makes takeover far harder.
BrandFraudsters clone Binance's Earn and staking products to lure users into sending crypto to external addresses with promises of extraordinary yields. Binance Earn and staking are managed entirely within the Binance platform.
BrandScammers embed fake Coinbase live-chat widgets on phishing sites and intercept users searching for help. Coinbase's real support is at coinbase.com/help — any chat window on a third-party site is fraudulent.
BrandFraudulent 'Coinbase recovery specialists' charge upfront fees to recover lost funds, then steal whatever remains. Coinbase's genuine recovery options are limited and handled only through coinbase.com/help.
BrandThere is no MetaMask phone support line or live chat agent. Anyone claiming to be MetaMask support in a DM, by phone, or on social media is attempting to steal your seed phrase or wallet access.
BrandScammers fabricate MetaMask token airdrops requiring users to connect wallets on drainer sites. MetaMask does not distribute tokens requiring wallet connections to external claim pages.
BrandCriminals clone Coinbase's staking interface to redirect deposits to their own wallets. Coinbase's real staking is available only through the official Coinbase app or website — never via emailed links to external platforms.
BrandScammers use Kraken's logo and name to run fake crypto doubling giveaways on YouTube and social media. Kraken has never run a promotion where sending cryptocurrency results in a larger return.
BrandScammers intercept Ledger users seeking help by posing as official support agents on social media and through fake phone lines. Ledger's real support is at support.ledger.com — no agent there will ever ask for your recovery phrase.
BrandFraudsters pose as Ledger to promote fake staking programs requiring users to send crypto or share their recovery phrase. Ledger Live integrates with real staking protocols, but never requires sending funds to Ledger-controlled addresses.
BrandScammers posing as Binance technical support convince users to install remote-desktop software and then take control to drain accounts. No genuine Binance support process involves remote access to your device.
BrandFake 'Trezor recovery specialists' charge fees to supposedly restore wallets or retrieve lost funds, then steal any remaining assets. Trezor does not have recovery partners — wallet recovery uses only the physical device and the recovery seed.
BrandAttackers use phishing, SIM swapping, and social engineering to hijack Kraken accounts and liquidate holdings. Kraken's Global Settings Lock and authenticator-app 2FA are the most effective defenses.
BrandCriminals pose as Coinbase to steal users' Coinbase Wallet seed phrases, giving permanent access to all assets in the self-custody wallet. Coinbase's exchange service does not use seed phrases — but Coinbase Wallet does, and it should never be shared.
BrandScammers target NFT creators with fake OpenSea creator-payment or royalty-update requests that contain malicious EIP-712 parameters. Legitimate OpenSea royalty settings are managed through the creator dashboard at opensea.io — no signature is needed via email or DM.
BrandAttackers send fake Kraken password-reset emails to capture login credentials and 2FA codes. Genuine Kraken password-reset emails direct you to kraken.com directly — they do not embed action buttons linking to external domains.
BrandFraudsters send fake Kraken account-suspension emails to panic users into submitting credentials on phishing pages. Genuine Kraken account restrictions are communicated through the platform and resolved at kraken.com.
BrandCriminals distribute fake Ledger Live updates through phishing emails and lookalike download sites. The fake software captures the recovery phrase during a fake 'restore' step. Ledger Live updates are delivered only through the official app.
BrandScammers fabricate Binance token distribution events requiring wallet connections or seed phrases to 'claim' free tokens. Legitimate Binance token distributions are announced on binance.com and never require external wallet-connect flows.
BrandAttackers build fake DeFi protocol front-ends that impersonate MetaMask's approval interface to trick users into signing transactions enabling flash-loan-style fund drains. MetaMask only executes what the user explicitly approves — reading every transaction detail is the key defense.
BrandCriminals pose as OpenSea support agents on Discord, Twitter, and Telegram to trick NFT holders into connecting wallets or sharing information on drainer sites. OpenSea support operates only through support.opensea.io.