Fake Crypto Bridge Scam
Fraudulent cross-chain bridge sites mimic legitimate bridging protocols to drain wallets the moment a user approves a transaction.
Last reviewed: 1 June 2026
What this scam is
Cross-chain bridges allow users to move cryptocurrency between different blockchain networks — for example, from Ethereum to Polygon or from Solana to Arbitrum. Fake bridge scams involve fraudulent websites that mimic the interface of a genuine bridge protocol to trick users into approving malicious smart contract transactions that drain their connected wallets.
The fake site typically replicates the visual design, token selection menus, and gas fee displays of a real bridge. The user connects their wallet believing they are initiating a legitimate transfer. The transaction they are asked to approve, however, grants the malicious contract unlimited spending permission on one or more of their token balances — a process known as a drainer approval.
Once approved, the drainer contract executes immediately, transferring available token balances to the attacker's wallet. The transaction is irreversible.
How it works
The scammer distributes links to the fake bridge through multiple channels: sponsored Google search results for bridge-related queries, fake Discord or Telegram announcements in protocol communities, Twitter/X posts from compromised or lookalike accounts, or airdrop notifications directing users to claim tokens via the bridge.
The fake URL is typically a one-character variation of the real site, a different TLD (such as .io versus .xyz), or a hyphenated variant. The site may have been live for only hours — rotating domains are used to evade blocklists.
The victim connects their wallet. The site displays a realistic bridging interface with the expected token list, fee display, and confirmation steps. The approval transaction requested, however, grants the drainer contract sweeping permissions. After approval, the attacker's contract immediately moves all approved token balances to an attacker address.
Why this scam works
Bridging is a routine DeFi operation that users perform regularly. The approval-based transaction model is standard — users approve token spending for legitimate protocols constantly. The fake bridge exploits this familiarity: the approval request looks identical to any other protocol interaction. Users who are comfortable approving protocol transactions do not necessarily read each one carefully.
Common red flags
- URL is a slight variant of the genuine bridge domain
- The approval transaction requests 'unlimited' token spending rather than the specific amount being bridged
- The site was linked from a social media post or Discord message rather than found directly
- Transaction confirmation shows a contract address not matching the real protocol's verified address
- No previous interaction history with this domain in your wallet
- The site appeared in a sponsored search result for the bridge name
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Bridge your [token] to [chain] in seconds. Connect your wallet to get started: [fake URL]
[Bridge name] has launched on [new chain]. Claim your bridging bonus and move assets here: [fake link]
ANNOUNCEMENT: [Bridge protocol] migration — move your assets to the new contract before [date]: [fake site]
Airdrop available for [bridge protocol] users. Connect wallet to claim: [drainer site]
Common variations
- Liquidity migration fake bridge — claims a protocol is migrating to a new contract
- Chain launch fake bridge — announces that a protocol has just launched on a new chain
- Airdrop bridge — requires users to 'bridge' assets to claim a token airdrop
How to verify before you act
Always navigate to a bridge protocol directly via a bookmark you set up yourself or by following the link from the protocol's verified official Twitter/X account. Cross-check the domain in the URL bar against the domain listed in the protocol's official documentation or repository. Before approving any transaction, check the contract address against the protocol's verified contract list. Use a transaction simulator such as Tenderly or Wallet Guard to preview what an approval will actually authorise before signing.
Payment methods used
- Cryptocurrency
- Bank/wire transfer
- Gift cards
- Money transfer services
- Payment apps to 'friends & family'
Who is usually targeted
- DeFi users bridging assets between chains
- Users searching for bridging solutions via search engines
- Discord and Telegram community members
- NFT holders moving assets between chains
What to do immediately
- Do not approve any transaction on the site
- If you have already approved, immediately revoke the drainer contract's approval using a tool such as Revoke.cash
- Transfer any remaining assets from the compromised wallet to a fresh wallet address
- Report the fake site to your wallet provider and the legitimate protocol team
- Report the URL to Google Safe Browsing and the relevant platform where the link was shared
How to prevent it
- Bookmark legitimate bridge URLs directly from official documentation — never use search results
- Use a hardware wallet that displays full transaction data before signing
- Simulate transactions before signing to see exactly what they authorise
- Regularly revoke unnecessary token approvals using Revoke.cash or equivalent
- Enable URL phishing alerts in your wallet
Evidence to preserve
- The full URL of the fake site
- Transaction hash of any approval granted
- The contract address that received approval
- Screenshots of the interface and any messages that directed you there
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
What is a token approval and why is it dangerous?
A token approval is a smart contract permission that authorises a specific contract to spend tokens from your wallet up to a defined limit. If you grant an unlimited approval to a malicious contract, it can drain your entire balance of that token at any time. Always check what contract an approval is for and limit it to the exact amount you intend to move.
I approved a transaction on a fake bridge — is anything reversible?
Immediately go to Revoke.cash and revoke the approval for the drainer contract before it executes. If the drainer has already moved your tokens, the transfer is irreversible. Move any remaining assets in the affected wallet to a new wallet address as a precaution.