Wallet setup scam
Scammers have been more and more active in recent months, utilizing both fake tokens and social engineering to scam crypto users out of their hard-earned money. In this article, we'll cover one of the most popular schemes that scammers use.
- Step 1. Receiving the email.
- Step 2. The body of the email.
- Step 3. Getting the wallet.
- Step 4. In the wallet.
Step 1. Receiving the email.
Atomic Wallet support team impersonation
Often scammers will contact you, claiming to work for Atomic Wallet. This is the first red flag. The Atomic Wallet team will never contact you first. Unless you've contacted us before and we promised to come back to you later, we will not contact you out of the blue. If you were expecting an email from us and you do receive one, carefully check the sender's email address. The only email address that we can contact you from is firstname.lastname@example.org. Any other address means that you were contacted by a scammer. See the example below:
This person is a scammer because they sent an email from an address that does not belong to us.
Additionally, if you're still not sure, reach out to us by filling out the support form and we'll clarify if an email was sent by our team or not.
Government agency staff impersonation
Sometimes the scammers will masquerade as government employees. Some examples of such government agencies could be the Financial Investigations Union of Sweden, the South African Financial Sector Conduct Authority, etc. While some of these could be checked fairly easily (for example, a quick Google search will reveal that the "Financial Investigations Union of Sweden" does not exist), some could be tricky. If you receive an email from a government agency, it's best to contact them yourself and check if the person who contacted you actually works there. You can also check said government agency's contact info and see if their public email address matches the one you received the message from.
Private business staff impersonation
Similarly to the previous two examples, scammers may pretend to work for a financial or a legal company. Follow the same basic steps to ensure that you are not talking to a scammer. Check online if the company is legit, check their contact info, find out if the person contacting you actually works there, etc.
Step 2. The body of the email.
While the details may vary depending on who the scammers are impersonating, the general message is always the same: you have a lot of money coming your way. Scammers masquerading as representatives of a legal company or the government may tell you that you are entitled to a "compensation" of some kind or a "refund". Sometimes, the scammers won't even provide a specific reason and just say that you are going to get a lot of money for no reason.
But then comes the catch. In order to get the money, they'll ask you to deposit a smaller amount into the wallet. Again, the details may vary. They may tell you that you need to 'unlock' the wallet or that you need to 'prove that the wallet belongs to you', etc. The point is, they will ask you to deposit money into the wallet. Here's an example:
Such an offer sounds too good to be true because it is. If someone offers you thousands of dollars out of nowhere, it is most definitely a scam.
Step 3. Getting the wallet.
The most important step in the scammers' plan is to give you a wallet that they have access to. This can be done in a number of ways.
Sometimes the wallet is already set up by the scammers beforehand and you are given the 12-word phrase to access it. They ask you to download the wallet from our website and access the wallet with the 12-word phrase they gave you.
Another popular way is that they offer to set up the wallet for you, using remote access software, such as TeamViewer or AnyDesk. They set up the wallet for you and get access to your 12-word phrase.
In most cases, they will even tell you to change your password to give you a false sense of security. Remember, changing your password does not make a difference if someone has access to your 12-word phrase. They will be able to access your wallet, bypassing the password.
Step 4. In the wallet.
The wallet that they give you access to usually has some fake crypto in there. It is done to trick you and to make you believe that the money they promised you is right there, in the wallet, ready to be withdrawn. When a victim sees fake money, believing them to be real, they are much more likely to comply and deposit the crypto required to 'unlock the wallet' or 'prove their identity'. Here's what it looks like:
After the victim has deposited the real crypto that the scammers requested, they are immediately withdrawn (since the scammers have access to the victim's 12-word phrase). The victim is then left with a wallet that has fake ETH (or BTC, TRX, etc.) which cannot be exchanged or withdrawn while the scammers get away with the real crypto. Fake tokens are rampant in the crypto world, especially on ETH and ETH-like blockchains. Check out our article about fake tokens to learn more about them and how to check if the tokens that you have in your wallet are fake.
- If you get an email from a stranger, always check the sender's address
- If a stranger claims to work for the government, financial/legal company, or Atomic Wallet, make sure to reach out to the said company and verify that this person actually works there
- If they offer you a lot of money in exchange for a small fee, it is definitely a scam
- If they offer to use TeamViewer, AnyDesk, or any other remote access software, it is a huge security risk and you are getting scammed
- If someone other than you has your 12-word phrase, they will have access to your crypto, regardless of whether you changed the password
- Transactions on the blockchain are irreversible. If scammers withdrew the crypto you deposited into your wallet, there is no way to get it back
- Atomic Wallet team will never contact you first, never ask for your 12-word phrase, never give you a 12-word phrase, and never offer to set up a wallet for you