changehero Blog

Avoiding Crypto Scams in 2024: Case Study of Trust Wallet Scams
Author: Catherine
icon of calendar

One of the most popular crypto wallets as of 2024 is called Trust Wallet but can you really trust it? Spoilers: the product itself is fine. You should watch out for other fraudulent schemes that use this name. Learn more about them in this guide from the ChangeHero team!

Key Takeaways

About Trust Wallet

trust wallet home page
Source: Trust Wallet

Trust Wallet is one of the most recognizable brands of crypto wallets. Through simple yet strong branding, a user-friendly interface, and industry-leader backing, Trust Wallet managed to become one of the top crypto wallet apps.

The team preferred to invoke a sense of security in the users with the name rather than sticking to the idea of trustlessness, which proved to be the right move to amass a user base. This particularly applies to mobile wallet users, who comprise most Trust Wallet users.

Trust Wallet lets users manage digital assets and their crypto wallet addresses. In addition to supporting the majority of popular coins and tokens, it also enables cryptocurrency payments and gives access to non-fungible tokens. While it undoubtedly gives more utility to the app, it also increases the attack vectors that users can fall victim to.

Why are Trust Wallet users targeted?

According to a16z, Trust Wallet is among the top mobile wallets in the world. Its popularity and the image of a secure and trustworthy product make its users a target of crypto scammers.

There is no evidence to suggest that Trust Wallet users are more prone to falling victim to scammers. Neither is the wallet app itself less secure than the industry standard. Nevertheless, the app being as popular with newcomers to crypto as it is makes it a frequent cover-up for bad actors.

Crypto Scams That Target Wallet Users

Phishing

phishing, credentials, data

Cyber attack known as phishing is a social engineering tactic that uses a fake front such as a phishing website, email, or a fake app. It is not exclusive to crypto but due to how digital assets work, scammers have managed to make thousands of users fall victim to phishing.

You can lose not only an online account to this method but even all crypto assets on a given wallet address. If you share the seed or recovery phrase, the scammers will get access to your private keys. These keys are the only proof of ownership for crypto assets, so by giving them up, you lose ownership as well.

Scammers use different pretexts to pressure you into providing sensitive information. Official wallet projects often remind their users that they will never ask their users for recovery phrases. If you suspect a phishing attempt, pay extra attention to email addresses and link URLs, do not follow any links or download any files. It might be a good idea to search for the official contact and reach out to the support staff yourself to see if the mailout is legitimate.

Fake Airdrops

gift, charity, package

Another common crypto scam method is fake airdrops and giveaway scams. The biggest red flag you should watch out for is whether it requires you to share the seed phrase. It is not always so obvious: sometimes, connecting your wallet puts you at risk as well, and both legitimate and fraudulent airdrop sites can ask you to do it.

Just like with other investment scams, cross-referencing the source of the airdrop can help you see if it is real. If it promises high returns, requests you to deposit funds, or is just too good to be true, it is most likely a scam.

Watch-Only Wallet Scams

no money, jeans, money

You could have come across some internet users offering crypto wallets for sale. If it seemed suspicious to you, your instinct was right: it is another type of phishing crypto attack that uses watch-only addresses.

What is a watch-only address or wallet? It is a type of crypto address that lets you view the balance and state of it but gives no access to spending. Trust Wallet supports these addresses, among other things.

Watch out for someone offering you to buy a crypto wallet address, even if they make it seem like it is a fully-fledged one. Do not deposit any crypto assets: scammers can use the pretense that it has been configured for investment or mining purposes. In reality, they are the ones owning the private keys and ergo, spending privileges.

Address Poisoning

what is address poisoning

This is also a crypto scam, which exploits how the users engage with wallet apps. Luckily, other wallet features, frequently found in popular applications, including Trust Wallet, help avoid it and keep your digital assets safe.

What happens in address poisoning? A scammer checks the transaction history through a block explorer and finds a transfer to try and hijack by creating a similar blockchain address. Because wallet addresses appear as long strings of letters and numbers, they are not human-readable, and it is not very hard to confuse a fake address with a legitimate one.

Once they choose a target, they create a zero-sum transaction that appears above a legitimate one in the history of transfers. Their goal is to trick people into confusing the addresses and next time, have them send digital currency to the scammer’s wallet.

How can you avoid this scenario? In addition to paying attention and double-checking the recipient addresses, you can also use features like the address book or favorite addresses in crypto wallet apps.

Fake Apps and Websites

Even generally reliable storefronts like the App Store or Google Play sometimes get tricked into listing applications that mimic popular crypto wallets. Search engines exercise even less oversight into which websites appear at the top of the results, leading to a phishing website occasionally popping up in ads.

A few tips to avoid those impostors would be keeping the real website in the bookmarks and knowing the proper URL of the legitimate business. As for the apps, the best indicator is usually the number of downloads and user reviews. Like other types of crypto scams we mentioned, these rely on the user not paying attention and when they’re in, pressuring you into action.

Malicious Bulk Emails, SMS, Social Network Messages

Last but not least, phishing occurs through email, SMS, and social media as well. It is a bit more tricky than fake websites because those can appear legitimate. For example, bad actors have been known to send phishing email from real Zendesk mailing services or SMS, claiming to be Trust Wallet representatives.

The rule of thumb here would be not to follow any links or download files. The scammers hope you are not familiar with the outreach policies of the service they act as so make sure to review the privacy policy of the products you use. For example, it is not that common for crypto wallets to know your phone number at all but a SIM-swapping fraudster is more likely to get their hands on it.

How to Stay Safe

We have already provided a few tips on avoiding each type of these scams. Summing it up,

Unfortunately, not everything always goes as swimmingly as we hope. What should you do if you were scammed?

Conclusion

We hope this guide equips you with the knowledge to avoid falling for scams targeting wallet app users. Keep your private information and digital assets safe with it!

More guides and updates from ChangeHero are posted on our blog, so do check them out! To get market insights and crypto news as they happen, follow us on social media: X, Facebook, Reddit, and Telegram.


Frequently Asked Questions

Is Trust Wallet really secure? Is Trust Wallet legit?

Trust Wallet is one of the most popular crypto wallets in the market. The application and extension are legitimate products with decent security.

Are Trust Wallet airdrops legit?

Occasionally, Trust Wallet collaborates with other crypto projects to offer their users airdrop opportunities. It is a good idea to cross-reference this information in the official Trust Wallet channels and the project’s website because airdrops can be used as a pretense for phishing.

Does Trust Wallet have email?

Trust Wallet does not contact clients through email. You can get in touch with them at support.trustwallet.com.

What to do if I got scammed on Trust Wallet?

The first step you can take is to contact the customer support of Trust Wallet. You can skip this step if you already know which law enforcement agency you should contact.

Can I be scammed on Trust Wallet?

Like on any wallet app, crypto scammers can defraud you out of your digital currency if you use Trust Wallet. According to the DFPI Crypto Scam Tracker, the majority of schemes involve social engineering, although hacks have been reported as well.

Can coins be stolen from Trust Wallet?

Although unlikely, if the user neglects digital security or their private key is compromised, hackers can steal digital assets from Trust Wallet. There is no evidence to suggest that its security is below the industry standard, though.

Is there a fake Trust Wallet app?

Fake crypto wallets surface in the popular digital app storefronts for a brief amount of time until they get reported and delisted. Nevertheless, there is always a chance that an app with a low amount of downloads and user reviews turns out to be fake, so exercise caution and download apps only from official sources.

How can you tell if someone is a crypto scammer?

There are no certain one-hundred-percent giveaways for crypto scammers but they tend to employ some similar tactics. When they interact with a potential victim, they will try to gain their trust and pressure them into action.

Why is crypto so scammy?

Crypto remains largely unregulated even in 2024, so although there is no extreme oversight, customer protections are lacking as well. Some features of blockchain like transaction irreversibility or self-custody also make it easier to compromise one’s coins or tokens.

Tags