Current tactics, clear warning signs and concrete steps – tailored for the Austrian context.
Crypto fraud can affect not only beginners. Many tactics are designed in a way that can typically also deceive experienced users.
In Austria similar fraud schemes are reported regularly – often with slightly modified details.
A short, non-binding assessment based on typical signals – not a conclusive evaluation.
Instant rule: Reputable providers generally do not ask for your recovery seed, your 2FA code or your password. Anyone who does – even claiming to be from support – can be a very strong warning sign.
Fraudsters impersonate Bitpanda support over the phone and demand login credentials or TAN codes.
Trust in a well-known brand combined with artificial time pressure ('account at risk').
Groups that supposedly share 'insider tips' for small altcoins — in reality the organizers buy in advance and sell into the pump.
Greed for high returns combined with peer pressure inside closed communities.
Fraudulent brokers display fake profits in the dashboard but block every withdrawal. Frequently advertised on social media using celebrity images.
Seemingly serious advertising with celebrity faces plus a personal 'adviser' creates trust.
An online romantic relationship is built up over weeks, then the victim is convinced to invest in crypto on a fake platform.
A long-built emotional connection lowers critical distance – combined with small successful initial withdrawals.
Supposed airdrops that drain all assets after a wallet is connected ('drainer smart contracts').
Free tokens look like a gift – the complexity of wallets and smart contracts is exploited deliberately.
Many tactics typically rely on a few well-known mechanisms – regardless of the concrete scenario.
Artificial urgency can prevent victims from thinking calmly or double-checking.
Alleged 'support', 'adviser' or 'authority' can create obedience and reduce critical questioning.
Fear (account at risk) or greed (guaranteed returns) can override rational decisions.
Wallets, addresses and smart contracts feel opaque to many – which can create room for manipulation.
Acting quickly can help to limit the damage – success is not guaranteed.
It can be sensible to cut contact with the person or platform involved and to refrain from further transfers.
Counterparty wallet addresses, transaction IDs, chat histories, emails and screenshots can be documented.
As a rule, filing a report at the nearest police station or with the Cybercrime unit (C4 at the Federal Criminal Police Office) can be sensible.
For investment-related providers, notifying the Austrian Financial Market Authority (FMA) can be sensible – it can also contribute to the warning list for others.
For larger amounts, a consultation with a law firm specialised in IT law can be considered.
Blockchain transactions are generally not retrievable and typically cannot be reversed like card payments. Unlike credit cards or SEPA transfers there is typically no chargeback option and no central authority that immediately undoes a theft. This property makes crypto attractive for investors — and just as attractive for scammers.
On top of that: many beginners are technically overwhelmed, FOMO-driven ('fear of missing out') and trust influencers more than providers with a transparent regulatory classification. That combination is exactly what scammers exploit.
These simple rules can reduce risk – they do not, however, guarantee protection against fraud:
These areas help to reduce risk structurally.
Secure custody is among the most effective measures against many drainer and phishing tactics.
A deliberate choice of providers with a transparent regulatory classification can reduce the attack surface from the start.
Alleged 'tax prepayments' are a frequent pressure tool in broker scams – a realistic tax overview helps.
Typical signals can include unsolicited contact by alleged support, guaranteed returns, time pressure, missing withdrawals despite displayed profits and investment requests from DMs or via dating platforms. If several signals appear together, particular caution can be warranted. A conclusive assessment depends on the individual case.
It can be sensible not to make any further payments, to save all evidence (wallet addresses, transaction IDs, chats, screenshots), to file a report with the police or the cybercrime unit and – for investment-related cases – to consider notifying the FMA. For larger amounts, specialised legal advice can be considered. Success is not guaranteed.
Blockchain transactions are generally not retrievable and typically cannot be reversed like card payments. Full recovery is, based on experience, generally not possible. Early documentation, reporting and notifications can however increase the chances of clarification and may in individual cases contribute to securing funds – depending on the individual case and without any guarantee of success.
Platforms can differ significantly in their regulatory classification, place of business and security architecture. Transparently operating providers with a clear legal framework and established security standards can reduce certain risks – full protection cannot however be derived from this and is not guaranteed. Larger holdings are often kept in a personal wallet.
In Austria, contacting the FMA investor protection office, the Federal Criminal Police Office (Cybercrime Competence Centre, C4) and a lawyer specialised in IT law can be considered. It can be sensible to save screenshots, wallet addresses and chat histories – they typically count among the most important pieces of evidence.
If you are new to the topic, the basics on exchanges, wallets and security can help you get started.
You can also classify your usage profile in the crypto type quiz.