Unwrapping crypto's holiday scams: 12 schemes to avoid

The holidays are a season of twinkling lights, festive cheer, and… a massive spike in digital Grinches looking to steal your crypto. As we open our hearts and wallets, financial fraud peaks from Thanksgiving through the New Year, with digital assets becoming a prime target.

The sad truth is, scammers love the holidays. They feed on the season’s generosity, distraction, and urgency. Before you get swept up in the spirit of giving, let’s arm you with the knowledge about the most treacherous schemes.

12 scams of Christmas: Crypto cautionary list

Crypto scams fall into two main categories — schemes manipulating victims into giving access to their funds, and those designed to convince targets to transfer funds to scammers directly. Here are 12 common cases, according to Lionsgate's latest findings.

#1 Fake giveaways 

A "celebrity" (or a convincing AI deepfake of one) promises to double or triple any crypto you send them. Remember: no legitimate person or company will ever ask you to send crypto to receive more. It’s a one-way street to their wallet.

#2 Phishing e-cards

You get a festive email or message about a holiday "gift." To view it, you’re prompted to "log in" to your wallet or exchange. Clicking on that e-card could result in you downloading a virus, exposing your crypto wallet credentials, or turning your email address into a spam machine.

Always check the sender and do not assume a familiar logo means that the message is legitimate. If you are unsure, google the name of the sender company along with “scam” and see if anything comes up. If it is fake, other users have probably reported it.

#3 Charity look-alikes

Fraudsters create copycat websites of real charities, tugging at your heartstrings to collect crypto donations. Only donate through the official charity website you find via a trusted search engine.

#4 Fake wallet apps

A slick, look-alike wallet appears in an app store, ready to steal your seed phrase the moment you set it up. Such apps imitate popular wallets — the list of identified scams includes Suiet Wallet, Pancake Swap, and Raydium.

To impersonate legit brands, scammers use their name, logo, and interface design. Once installed, the app prompts you to enter your 12-word seed phrase, which gives attackers complete control and instant access to your entire crypto stack. Some apps also embed phishing links within their privacy policies.

Before downloading, check the developer’s name and read thousands of authentic reviews, not just the five-star ones.

#5 Holiday romance investor

Your new online "sweetheart," who just happens to be a crypto whiz, pressures you to make "one last investment before the year ends." If someone you've never met urges financial urgency, stop immediately. Pressure is the number-one ingredient in fraud.

Romance scams are a form of "pig butchering" — a type of fraud where criminals create fake online identities to build emotional or romantic relationships with their targets. The end goal is to manipulate the victims into sending money or "investing" in fake crypto platforms, often with an increased push during holidays. 

#6 Guaranteed holiday yield

A platform promises impossibly high, time-limited "holiday profits," often shown through a fake dashboard. Real investments carry risk and never guarantee returns, especially on a festive deadline.

#7 Shipping notification trap

A text about a delayed holiday package includes a link to "update your details" or "pay a release fee," often in crypto. Always track packages directly from the courier’s official website.

#8 Public Wi-Fi wallet hijack

Checking your portfolio via unsecure public Wi-Fi networks — whether at an airport or a café — can expose your keys to criminals. Never access your wallet on public Wi-Fi without a VPN.

Common scams include Man-in-the-Middle (MITM) attacks. Positioning themselves between a user's device and the internet, criminals intercept sensitive data like login credentials or private keys as they are transmitted.

Evil twin attacks involves a malicious Wi-Fi access point mimicking a genuine one (e.g., "Free_Airport_WiFi"). When a user connects, all their traffic flows through the criminal's system, enabling data interception and redirection to phishing sites.

Once, a Wi-Fi network in a Starbucks cafe even hijacked visitors' computers to use their processing power to mine crypto. There are many more schemes, so stay vigilant.

#9 "Holiday tax" threat

A frantic call or email from someone pretending to be the IRS demands immediate "tax payment" in crypto to avoid arrest. Such messages typically include a phishing link.

Fraudsters may also claim that your account is frozen and you must pay them a "tax" or "fee" in crypto to unlock it — another trap to extract more money. Government agencies never demand payment in crypto.

#10 Fake support "safe wallet"

A "support agent" from your exchange or wallet provider directs you to move your funds to a new "secure address" to "protect" them. Such fraudsters use social engineering tactics across social media, or they may email you first.

A targeted user may get a legitimate-looking message with a phishing link (e.g., leading to a fake Ledger Live app or Trust Wallet portal). Genuine support will never, ever tell you to move funds.

#11 Fake holiday NFT mint

A limited-edition, holiday-themed NFT "drop" appears, but the minting site is designed to drain your wallet the moment you connect. Only connect your wallet to verified marketplaces and established projects you’ve researched.

As explained by MetaMask, the scam has three key stages:

• Inventing an NFT project, which could look indistinguishable from a genuine one — for instance, it could mimic an existing prominent project.
• Presenting you with the scam mint and applying pressure to invest "right now" via email, SMS, social media, Reddit, etc.
• Manipulating you into signing a transaction that drains your funds. Commonly, this is a simple 'send,' without a smart contract — you are only authorizing funds to be transferred from your wallet elsewhere. Alternatively, victims may be asked to authorize the dapp and its smart contract to move around a specific amount of a token in your wallet.

Remember: genuine NFT mints do not require access to your tokens — only gas, paid in ETH. Watch for any warnings, as your wallet may automatically notify you of suspicious interactions before you sign them.

#12 False recovery agent

Right after you’ve been scammed, a "helper" appears, claiming they can retrieve your lost funds if you "hire them today" and pay a "recovery fee." They may pose as representatives of regulators, law enforcement, or associations that help victims recover their funds.

Such "agents" use any communication method: email, phone calls, and direct messages. This is a recovery room scam, designed to victimize you twice. Only work with registered, legally accountable forensic firms.

Example scenarios: When the holiday spirit sours

These aren’t just abstract concepts. These scams leave real victims in their wake.

• Costly click: Warren, a dentist, saw an online ad promising fantastic crypto profits. He invested a small amount and was impressed by the returns shown on his dashboard. As a test, he successfully withdrew $500. Confident, he invested $25,000. When he tried to withdraw again, he was told to pay $1,500 in "fees." After paying, the company vanished.
• Disappearing act: Sally met "Harry" on a dating app. He was a successful crypto trader who offered to invest for her, commission-free. On his instruction, she sent money via a Bitcoin ATM. He showed her impressive "growth," and she sent more — until all her $300,000 was gone. Then, Harry disappeared without a trace.
• Famous face: Tannis clicked a crypto ad featuring a celebrity she trusted. She invested, but when she tried to withdraw, she was told to pay more for "taxes and margin issues." She paid, but the company went silent, and her money was lost.

In most cases, once crypto is sent to a scammer, it’s gone for good. The anonymous nature of blockchain and the use of mixing services make recovering funds incredibly difficult.

Holiday security checklist

An ounce of prevention is worth a fortune in crypto. Stay safe this season by making these habits your holiday tradition:

• Verify everything: Double-check URLs, company names, and app developer credentials. A single misplaced letter can lead to a fake site.
• Do your own research (DYOR): Search any company or crypto online with terms like "scam" or "review." See what others are saying.
• Be skeptical of unsolicited messages: Never engage with suspicious texts, DMs, or emails. If you didn’t ask for the advice, it’s probably not advice you want.
• Don't send money to strangers: This sounds simple, but it’s the core of most scams. Be cautious even with people you "know" online.
• Use strong security practices: A VPN on public Wi-Fi is non-negotiable. Never click unsolicited links.

The holidays should be a time of joy, not financial loss. By staying vigilant and remembering that if an offer seems too good to be true, it almost certainly is, you can ensure your season is merry, bright, and secure.

If you've been scammed

Time is critical after a theft, as stolen crypto can be laundered through mixers and overseas exchanges in hours. The exact procedures vary geographically.

For example, here is how to report a scam in the US:

• Submit a fraud report to the Federal Trade Commission (FTC).
• Send a complaint or tip to the Commodity Futures Trading Commission (CFTC).
• Report the scam to the US Securities and Exchange Commission (SEC).
• Notify the FBI's Internet Crime Complaint Center.
• Report the crime to your local law enforcement office.

As holiday lights go up, let your guard go up with them

The season's spirit of generosity is a powerful tool in a scammer's arsenal, but your greatest defense is a healthy dose of skepticism. Treat every "too-good-to-be-true" offer with caution, verify before you trust, and remember the red flags. Let the only thing you're left holding this year be eggnog, not the empty bag of a crypto scam.