Refresh to view the latest content.


It's a new era!
We have officially changed our name from "AtomicDEX" to "Komodo Wallet"

Official Press Release

11 August 2022

Updated: 28 October 2022

DeFi Scams: What Are They and How to Avoid Them


DeFi Scams: What Are They and How to Avoid Them

Table of contents

DeFi scams happen when fraudulent parties try to steal or coerce crypto assets from unsuspecting crypto holders.

The DeFi ecosystem puts the power in the hands of the individual, eliminating the need for centralized authorities found in traditional finance. Like traditional institutions, DeFi also facilitates financial services like crypto lending, borrowing, trading, saving, and investing. However, DeFi provides all these and much more without third-party intermediaries.

DeFi is an attractive sector for scammers and hackers because most activities are trustless. Since the sector's inception, DeFi platforms have been targets of hacks and fraud, ending with many users losing a lot of money. These scammers can easily exploit the ecosystem because of the inherent permissionless nature of blockchain technology. Once a scam has occurred and the transaction is confirmed, it is hard to pursue any recourse.

What Makes DeFi Vulnerable to Scams

There are three reasons why DeFi is especially vulnerable to scams and hacks:


If users get scammed out of their crypto, no central authority can take complaints, investigate, and/or reverse the transaction.


There is not always an easily identifiable way to determine who the scammers are or where they are operating from. Although all transactions appear on the blockchain, it is nearly impossible to determine the scammer's identity or location purely from their cryptocurrency address.

Irreversible Transactions

It is impossible to reverse or cancel a transaction once finalized. Unlike traditional finance, where the bank can reverse a transaction, blockchain activity is permanent. Also, users on traditional platforms can lock their debit or credit cards or change card PINs if they suspect fraudulent activity. In DeFi, users cannot change their seed phrases. Once a scammer accesses a crypto wallet and transfers assets, it is almost impossible to recover them.

Types of Scams in the DeFi Space

The following are some of the most common types of scams that happen in the DeFi space.

Pump-and-Dump Scheme

This fraud involves artificially inflating the price of a particular crypto asset through false and misleading positive statements by the developers or holders of the majority of its total supply. They leverage major social media platforms like Twitter, Instagram, Facebook, YouTube, and Telegram to create demand and drive up the price.

When that happens, the scammers then sell off all their asset holdings. The sell-off causes the asset's price to drop, sometimes within minutes, leaving people with worthless assets. The scammers typically make huge profits as the price plummets, driving the price down until they are out of assets to sell.  

Honeypot Scams

A honeypot is a crypto scam where people can buy an asset but cannot sell it. Invested funds get stolen, leaving holders of the asset with assets they cannot trade. In a honeypot scam, a scammer holds a token presale event and promotes the asset via various channels. However, in most cases, the contract contains a code that only allows specific crypto wallets (usually the scammer's wallets) to sell the asset.

Phishing Scams

Phishing is a type of attack that tries to trick unsuspecting members of the DeFi community into giving over sensitive information like usernames, passwords, or credit card details. The scammers are after any information that helps them impersonate DeFi users and gain access to their crypto wallets. The most common type of phishing scam uses bogus emails that direct users to fake sites or ask them to follow a malicious link to 'verify' a fake account.

Scam Airdrops

A typical airdrop scam involves launching a malicious asset, sending messages to unsuspecting user accounts, and requesting they connect their wallets via a malicious website to claim the airdrop. Users unknowingly connect their wallets to websites with malicious smart contracts, allowing scammers to transfer funds.

Fake Google Ads

Scammers use Google Ads to steal cryptocurrency wallets. They place Google Search ads that mimic popular wallet brands, such as MetaMask, to trick unsuspecting users into giving up their crypto wallet seed phrase or private key.

How to Protect Yourself From Scams

Some effective ways DeFi users can protect themselves from scams include:

Enable Extra Security Measures

Most wallets or exchange platforms have options for additional security features. Users can enable two-factor authentication (2FA) that sends email or text codes when trying to log in. People who use their mobile devices to access their crypto wallets can enable biometric verification to open the DeFi app.

Double-check URLs

Crypto users need to double-check any web address they are registering on to ensure they are on a legitimate platform, not a website designed to steal sensitive information. When building fake sites, scammers change one or more characters of an original site, so it still resembles the actual one. For instance, a fake site may switch an "I" for an "l".

Get a Cold Wallet

For crypto holders who don't actively trade, the most secure way to keep crypto assets is in an offline cold wallet from known brands like Trezor and Ledger. Users should purchase directly from the brand, not third-party retailers, for security purposes.

Stick To Reputable Crypto Exchanges

Fraudsters often use new assets to perpetrate DeFi scams. Users looking to buy assets not available on centralized exchanges like Binance or Coinbase should stick to reputable DEX platforms like PancakeSwap, Uniswap, or AtomicDEX.

Investigate the Project's Community

Successful DeFi projects have communities of active users across social media platforms where users and developers can constantly discuss the project's progress. Continuous communication is essential to building a platform everyone can enjoy safely. If a project has an inactive or quiet social media community, it is advisable to stay out and observe.

Do Your Own Research (DYOR)

Crypto enthusiasts should research and conduct their due diligence before putting money into any DeFi project. Due diligence involves knowing who the developers are, the project's use case, and understanding all of the risks involved.

Scammers constantly try to exploit the DeFi sector because it is very lucrative and has high-interest earning opportunities available across DeFi platforms. Users must protect themselves by conducting due diligence and finding safe ways to invest resources before making any commitments. All interested parties must ensure that investing or depositing funds is safe before committing to any DeFi platform.

Explore DeFi Securely with AtomicDEX

AtomicDEX is a secure DeFi application that has a built-in wallet, cross-chain/cross-protocol bridge, and cross-chain/cross-protocol decentralized exchange all rolled into one app.

Try the AtomicDEX wallet to safely explore a wide range of DeFi projects.