Crypto Impersonation Scams Intensify Amid Social Media Verification Changes, Driving Billions in Losses

Executive Summary

The cryptocurrency sector is experiencing a significant increase in impersonation scams, leveraging fake social media profiles and sophisticated social engineering techniques to steal digital assets and sensitive information. These fraudulent activities, which often mimic legitimate entities such as crypto media outlets and even regulatory bodies, have contributed to global financial losses surpassing $14.7 billion by Q4 2025. The problem is exacerbated by changes in social media verification systems, which have blurred the lines between authentic and fraudulent accounts, leading to a profound impact on user trust and ecosystem integrity.

The Event in Detail

Impersonation has emerged as a primary social engineering tactic within the crypto space throughout 2025, characterized by fraudsters creating fake accounts on platforms like X (formerly Twitter), Telegram, and LinkedIn. These impostors often pose as reputable entities, including Cointelegraph and CoinMarketCap reporters, or even as support staff for major exchanges like Binance. Their objective is to lure unsuspecting individuals into disclosing sensitive data, granting remote access to devices, or transferring funds to attacker-controlled wallets.

Specific incidents highlight the breadth of these tactics:

• In October 2025, a Telegram profile imitating "Tobias Vilkenson | Cointelegraph" attempted to solicit coverage from BNB Chain through a linked X account.
• Fake CoinMarketCap "journalists" requested remote-control access during Zoom meetings, successfully installing malware and gaining device access.
• The Empire podcast brand was cloned to distribute AMOS stealer malware via fake interview links, siphoning browser cookies and crypto wallet data from macOS users.
• AI-generated deepfakes have been employed, notably in Hong Kong, where realistic videos of Chief Executive John Lee Ka-chiu and the city's financial secretary promoted fake investment schemes and coins.
• SMS scams posing as Binance support instructed over 100 Australians to move funds to "secure wallets" belonging to attackers.
• Regulatory bodies have also been targeted; the UK's Financial Conduct Authority (FCA) received nearly 5,000 reports in the first half of 2025 from individuals contacted by impostors, and the US Securities and Exchange Commission (SEC)'s X account was briefly compromised in January 2024 via a SIM-swap attack, leading to a false announcement about Bitcoin (BTC) exchange-traded fund approval.

Changes to social media verification systems, particularly X's transition to monetized tiers, have complicated authenticity verification. A blue checkmark now signifies a paid subscription rather than verified identity, making it easier for scammers to appear credible.

Market Implications

The proliferation of impersonation scams carries significant implications for the broader Web3 ecosystem and investor sentiment. The primary consequence is a severe erosion of trust across the digital asset landscape. When prominent media, projects, and even regulators are successfully impersonated, it becomes increasingly difficult for users to discern legitimate communications from fraudulent ones, fostering skepticism and caution.

Financially, the impact is substantial. Global losses from crypto-related fraud have exceeded $14.7 billion by the fourth quarter of 2025, marking one of the most financially damaging years for the crypto industry. The average loss per victim in cryptocurrency scams is projected to reach $38,000 in 2025, more than double the average loss in 2021. This directly impacts individual investors and may deter new capital from entering the market due to heightened perceived risk.

The sophistication of these scams, particularly the integration of AI-generated content (involved in 42% of scams in 2025, up from 12% two years prior), indicates an escalating threat. This trend necessitates greater vigilance from platforms and users alike, highlighting systemic vulnerabilities in current cybersecurity measures within the decentralized space.

Expert Commentary

Experts emphasize user vigilance as paramount for scam prevention in the dynamic Web3 ecosystem. Key recommendations include:

• Verifying authors and content on official project websites and cross-referencing information for authenticity.
• Meticulously checking email domains for any crypto-related communication, as phishing attempts frequently use spoofed addresses.
• Scrutinizing social media handles for verification badges and consistency with official channels.
• Exercising caution with requests to move conversations or transactions to alternative platforms, such as private messaging apps, as this is a common tactic by fraudsters.
• Never paying for editorial coverage, as legitimate reporting does not require such payments.

Platforms are also taking steps; Telegram launched its @notoscam bot, and Web3 Antivirus introduced a Scam Pulse feature to track and rank impersonated brands.

Broader Context

Impersonation is not unique to crypto but has become one of its most pervasive social-engineering tactics, used to steal data, drain wallets, and blur the line between trusted media and outright fraud. The issue is compounded by a broader surge in impersonation scams across industries, intensified by the evolution of social media verification systems. For instance, the changes implemented by X (formerly Twitter) mean a blue checkmark no longer guarantees authenticity, providing an avenue for scammers to gain false credibility. The increasing sophistication of AI-generated content, including deepfakes and voice cloning, further enables these scams to be more convincing and harder to detect, posing an ongoing challenge to cybersecurity and trust in the digital age.