Fake Crypto Exchange Support Scams
Imposters posing as exchange customer support trick you into revealing credentials, seed phrases, or approving withdrawals.
Last reviewed: 1 June 2026
What this scam is
Fake crypto exchange support scams involve fraudsters impersonating the customer service teams of cryptocurrency exchanges, wallets, or related platforms. They target people who are experiencing — or can be made to believe they are experiencing — a problem with their account, and manipulate them into revealing login credentials, two-factor authentication codes, or seed phrases, or into approving transactions that transfer their funds to the attacker.
This scam is a crypto-specific variant of the broader fake tech and financial support scam category, adapted to the unique vulnerabilities of crypto platforms. Because cryptocurrency transactions are irreversible and most exchanges hold significant balances, successful attacks result in complete and unrecoverable losses.
Scammers find their targets through multiple routes. People who post publicly about exchange issues are immediately targeted via direct messages. Fake support accounts exist permanently on Discord, Telegram, and Twitter/X, ready to intercept people searching for help. Some scammers create fake exchange websites that appear in search results and include fraudulent support chat systems. In other cases, phishing emails impersonating the exchange prompt a support interaction.
The impersonation is often convincing. Fake support agents use the exchange's real branding, know general information about how the platform works, and employ professional-sounding language that mimics genuine customer service.
How it works
The most common trigger is a person posting on social media, Reddit, Discord, or Telegram about a problem with an exchange account. Scammers monitor these platforms continuously and respond within minutes via direct message, presenting as support staff.
Alternatively, a phishing email claims the person's exchange account has been flagged for suspicious activity, a withdrawal is pending verification, or their account will be suspended unless they verify their identity. A link leads to a fake exchange interface or support portal.
The support interaction follows a pattern designed to extract the information needed for account takeover. The agent asks the person to log in while on a screen share, capturing their password. They say a verification code has been sent and ask the person to read it out — capturing the 2FA code. They claim a 'wallet sync' is needed and ask for the seed phrase. Or they initiate a 'test withdrawal' to a 'verification address' that is actually the attacker's wallet.
In some cases, the scammer creates enough urgency — 'your account will be suspended in 30 minutes unless you verify' — that the victim acts before stopping to question whether the contact is legitimate.
Why this scam works
Exchange support scams work because people in difficulty with their accounts are anxious and receptive to help. The emotional state of a person who believes their account is compromised or suspended makes them more likely to comply with requests that would otherwise raise suspicion.
The crypto context adds urgency: accounts hold real money, and the fear of losing access — or of an unauthorised withdrawal in progress — creates pressure to act immediately. Scammers exploit this by adding artificial time constraints.
Many people are also unfamiliar with how legitimate crypto exchange support actually operates, which makes it harder for them to identify when a support interaction deviates from what real support does.
A typical pattern
A person posts on a public forum about a withdrawal that is taking longer than expected on a cryptocurrency exchange. Within two minutes they receive a direct message from an account using the exchange's logo claiming to be support. The account asks them to provide their account email and to share their screen. On the screen share, the support agent walks them through logging in, asks them to read out the verification code sent to their phone, and then says a 'manual review' withdrawal to a 'verification wallet' is needed to confirm ownership. The person approves the transaction, which sends their entire balance to the attacker's wallet. The support account then goes silent.
Common red flags
- Inbound DM offering support after you posted about an exchange issue
- Support contact asks for your password, 2FA code, or seed phrase
- Request to share your screen or install remote-access software
- Instruction to make a 'test withdrawal' or 'verification transaction'
- Email with a link to a support or account verification page
- Urgency — account will be suspended within the hour unless you act
- Support number found via search engine rather than the official website
- Request to send funds to a 'secure holding wallet' or 'escrow address'
- Support agent who initiated contact rather than you reaching out
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Hi, I'm from [exchange] support. I can see your account issue. Please connect to our verification portal: [fake link]
Your withdrawal is held for review. Provide your verification code to the support team to release it.
Account suspended due to suspicious login. Verify your identity at [fake link] to restore access.
To confirm account ownership, we need you to complete a test transaction to [wallet address]. Funds returned within 10 minutes.
Your account shows unauthorised access. Provide your seed phrase to our verification system to freeze activity: [fake link]
To update your security level, please share your screen and log into your account so we can apply the fix.
Common variations
- DM-after-post variant — targets people who post about exchange problems publicly
- Phishing email variant — email impersonating the exchange initiates a support interaction
- Fake exchange website — site mimicking a real exchange with integrated fraudulent support chat
- Screen share variant — 'support' requests screen access to 'diagnose' the account
- Verification withdrawal — victim instructed to send funds to prove account ownership
- Search engine support number — fake numbers appear in search results for exchange support
How to verify before you act
Legitimate cryptocurrency exchanges do not send unsolicited DMs offering support. They do not ask for your password, seed phrase, or two-factor codes in any support interaction. They do not ask you to make a 'test withdrawal' or a 'verification transaction'.
Contact exchange support only through the official website or app — not through links in emails, not through inbound DM contacts. Navigate to the exchange's website yourself and use the support channel listed there.
If you receive a DM from someone claiming to be support after posting about an issue, assume it is fake. Real exchanges monitor public posts from their verified accounts, not via DMs to individual users.
For any email claiming to be from your exchange, check the sender domain carefully and do not click links — navigate directly to your account via your bookmark or the official app.
Payment methods used
- Exchange balance drained via account takeover using captured credentials
- Direct withdrawal approved via social engineering
- Cryptocurrency sent to a 'verification wallet'
Who is usually targeted
- Crypto exchange users experiencing account problems
- Anyone who posts publicly about an exchange issue
- New crypto users unfamiliar with how legitimate support works
What to do immediately
- Stop all communication with the suspected fake support contact immediately
- If you shared credentials, change your exchange password and disable then re-enable 2FA immediately
- If you shared a seed phrase, move assets to a new wallet immediately
- If a withdrawal was made, contact the real exchange's official support with your transaction hash — they may be able to freeze the account if assets are still on-platform
- Report the fake support account to the platform where you were contacted
- Report to your national fraud authority with all communications and transaction details
- Do not pay any recovery service — on-chain transactions are irreversible
How to prevent it
- Contact exchange support only through the official website or app — never via inbound contacts
- Treat every inbound DM offering support after a public post as fake
- No legitimate support team will ask for your password, 2FA code, or seed phrase
- Never share your screen with a support agent who contacted you
- Never make a transaction at a support agent's request before verifying via official channels
- Save your exchange's official support URL as a bookmark and use only that
- Enable withdrawal whitelist or address restrictions where your exchange offers them
Evidence to preserve
- Screenshots and full text of all communications with the fake support
- Username and platform of the fake support account
- Any links or wallet addresses provided
- Transaction hashes for any funds sent or withdrawn
- The original post that triggered the contact
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Will legitimate exchange support ever DM me?
Legitimate exchange support does not initiate contact by sending DMs to individual users on Discord, Telegram, or social media. Support is accessed through official channels on their website or app. Any inbound support DM should be treated as a scam.
Can I get back funds that were withdrawn by a scammer using my credentials?
If assets are still on the exchange platform, contacting official support immediately may allow them to freeze the account before funds are fully withdrawn. If assets have already been moved to an external wallet and converted, recovery is extremely unlikely. Blockchain transactions are irreversible.
The support agent seemed very knowledgeable about the exchange — doesn't that mean they're real?
No. Scammers research the platforms they impersonate thoroughly. Knowing how the platform works, its interface, and general processes is easily achieved and does not indicate a legitimate connection.
Why would a real exchange need a 'verification withdrawal'?
They would not. There is no legitimate reason for an exchange to ask you to send funds to a wallet as part of a support or verification process. This request is always fraudulent.
I gave them my 2FA code but not my password — am I at risk?
Potentially yes. A 2FA code combined with other information captured through phishing may be sufficient for account access, depending on the exchange's security model. Change your password and regenerate your 2FA immediately.
Are crypto transactions reversible if I report fraud quickly enough?
No. Blockchain transactions are irreversible by design. Acting quickly may allow the exchange to freeze an account if funds are still on-platform, but once assets are withdrawn to an external wallet, they cannot be recalled.
Should I report the scam to the real exchange?
Yes. Notify the real exchange's official support of the impersonation so they can warn their community and potentially take action against fake accounts using their branding. Also report to your national fraud authority.
What is a 'crypto recovery service' and should I use one?
So-called crypto recovery services claiming to retrieve stolen funds are almost universally a second scam targeting people who have already lost money. They charge fees and deliver nothing. Do not engage with them.