blank

Scams

What are Scams & Phishing?

Scams and phishing are social-engineering attacks that trick you into handing over accounts, money, or device control. This category covers classic email/SMS phishing and modern fake-offer ecosystems: bogus cryptocurrency exchanges and wallets, crypto casino platform scams and “free Robux / free game currency” generators. The common pattern is urgency plus a too-good-to-be-true promise that rushes you into clicking, paying, signing in, or installing something you didn’t plan to.

blank
How to avoid Scams and spot Phishing attempts

How do these scams reach you?

Attackers use emails that spoof banks, delivery firms, or HR; texts about “missed packages” or “suspicious logins”; social DMs from compromised friends; QR codes on posters/receipts; and search ads that lead to convincing clone sites. Tech-support pop-ups may lock your browser and list a phone number; once called, the scammer pressures you to install remote-access tools. Influencer promos and “giveaway” videos funnel you to look-alike domains via shortened links.

Common Scam Variants 

Fake cryptocurrency exchanges and wallets. Look-alike brands offer huge “bonuses,” then ask you to deposit, pass KYC, or connect a wallet. Withdrawals fail behind invented “fees,” or a malicious smart-contract approval gives the site permission to move your tokens. A web form that asks for your seed phrase is an instant red flag – legitimate services never request recovery phrases.

Crypto Casino Scams. They tout outsized odds and “provably fair” claims that evaporate on inspection. After wins, balances are frozen behind endless “verification,” more deposits, or impossible wagering requirements. Some demand remote-access apps “to resolve issues,” setting up device compromise.

“Free Robux” and game-currency generators. Pages push you to log in, install a browser extension, complete “human verification,” or run a downloader. Outcomes include credential theft, hijacked inventories, or adware that floods your browser. Any site promising free premium currency for surveys or installs should be treated as unsafe.

What can these scams do?

Goals are straightforward: steal credentials, drain wallets, divert legitimate payments, or plant malware. Compromised logins enable takeovers of email, exchanges, gaming accounts, and payment profiles. Malicious token approvals allow transfers without further prompts. Downloaders from “verification” pages can install Trojans, adware, or even ransomware. Even without malware, identity data harvested during fake KYC can fuel further fraud – and ToS-violating tools can get real accounts banned.

Reporting and next steps

Preserve evidence: screenshots, transaction IDs, wallet addresses, and (for email) full headers. Report to the involved service (exchange, game platform, mail provider) and to your local consumer-protection or cybercrime agency. Fast reporting improves the odds of blocking further losses and helps protect other users.

How can you protect yourself?

Pause before you click or pay. Inspect the full domain (not just the logo or display name) and avoid shortened links you can’t preview. Use a password manager; it auto-fills only on genuine sites and helps spot look-alikes. Enable multi-factor authentication (prefer app or hardware keys). For crypto, never type your seed phrase into a website; regularly review and revoke risky token approvals, and test with a small withdrawal before sending larger sums. Install apps/extensions only from official stores and verified publishers. Keep your OS and browser updated and limit extensions to those you truly need.

Do the following if you were affected

If you entered a password, change it at once and sign out of all sessions; update any reused passwords elsewhere. Remove unknown authenticators, check forwarding rules, and review connected apps. If a wallet was involved, disconnect the site, revoke token approvals, and move any remaining funds to a fresh wallet with a new seed. If money was sent, contact your bank, card issuer, or exchange support immediately. For game accounts, reset credentials, enable 2FA, and remove suspicious extensions.

If you downloaded or ran anything, treat the system as potentially infected. Start with a reputable malware scan (you can use our free virus scanner) to identify threats. For persistent components, our professional removal tool (available for download here) can help detect and clean many Trojans, adware, and browser add-ons. You can also follow our step-by-step guides for specific threats. After cleanup, reset passwords, review startup items and extensions, and maintain offline/cloud backups to stay resilient.