The kinds of pleas for help I have seen over the years ran through my head. One person had read a verification code aloud to a "support agent" on the phone. Another scanned a QR code and then watched their wallet empty. A third lost their savings in a "signals" group led by a "mentor." These stories share one thing: the trick itself was not clever. What was clever was the timing, landing just when someone was stuck on a deposit, chasing a quick profit, or simply lonely.
So this guide will not pile up frightening case studies. Instead it takes five common scam families one at a time, and for each gives you two things: the tell you can spot at a glance, and the right move to make on the spot. Spotting a scam takes no technical skill. It takes knowing the script in advance.
Five scam families at a glance
Here is a quick-reference table first, so you can match your situation to a row in a hurry, with the details of each opened up in the sections that follow:
| Scam type | Tell at a glance | Right move |
|---|---|---|
| Fake support | Messages you first, manufactures urgency, asks for a code | Hang up and block; use only in-app support |
| Phishing site / fake app | Reached via a search ad or a domain off by a letter | Type the official address yourself; download only from the official entry |
| Fake airdrop / event | Wants you to scan-to-approve a wallet, or pay before you claim | Do not scan or approve; trust only official announcements |
| Pig butchering | An online contact pushing stock tips, an "inside info" group | Block; let no one trade on your behalf |
| Transfer scam | A P2P counterparty asks to cancel the order and trade off-platform | Stay inside the order flow the whole way |
Fake support: anyone who messages you first is not real
Remember one sentence and you are most of the way there: Binance's official support will never contact you first. Official help exists only in the live-support window inside the app and on the official site, and it does not phone you, add you on WhatsApp, or send you a Telegram message.
The script for this scam is highly fixed. You have just posted a question online, or you are stuck on a deposit or withdrawal, and a "Binance support agent" appears, saying your account is at risk, suspected of money laundering, and needs your cooperation to clear it. From there the goal is only ever one of three things: your password, your verification code, or getting you to move coins to some "safe account." Some will also ask you to share your screen "to help you operate," which is really watching what you type.
The tell: unsolicited contact, plus manufactured urgency, plus a request for a code or a transfer. One of the three is enough. Real support will never ask you for a verification code, in any situation whatsoever.
The right move: hang up and block. If you have a genuine question, open the Binance app yourself and contact live support to check. For any account, URL, or phone number the other side leaves you, run it through the Binance official verification channel to confirm whether it is real.
Phishing sites and fake apps: ad slots and look-alike domains
Phishing sites usually reach you through one of two doors: a search-engine ad slot, and a domain spelled almost the same as the real one. The first pays to sit above the genuine site in results; the second gets by on one extra letter or a swapped suffix, invisible at a glance.
Fake apps are the mobile version of the same logic: a third-party app store, an "installer" someone sends you, a QR code of unknown origin. The interface they install looks convincingly real, and the account and password you type drop straight into the scammer's database. One variant is the "fake wallet app," where the moment you import your seed phrase, the assets change hands.
The tell: if the entry point is not the official address you typed in yourself, it is worth suspecting. Especially the slots in search results marked "Ad," links other people send you in chat apps, and "latest download links" posted on forums.
The right move: type the official address by hand and bookmark it, then only ever enter through the bookmark; download the app only through the entry on the official download page, with the exact steps in our App Download Guide. Add one more layer of insurance by setting an anti-phishing code (the method is in Account Security): an official email without your code is fake.
Fake airdrops and events: scan-to-approve and pay-to-claim
The test for this family is the simplest of all: anything that asks you to pay first or approve first before you can "claim" is fake. A real airdrop does not need you to pay a tax to release it, and a real event does not need you to approve your wallet to a stranger's contract.
Two variants come up often. The first is approval phishing: "scan to claim an airdrop" spreads on social media, and when your wallet scans the code, a signing request pops up, and if you tap confirm without reading it, what you signed away may be a token-transfer approval, after which the wallet is swept clean. The second is pay-to-release: you are told you have "won" a large amount of tokens, but to withdraw them you must first pay a "tax" or an "activation fee," and once you pay, the other side vanishes.
The tell: a reward falling out of the sky, plus a requirement that you give something first (money, an approval, a seed phrase). When that combination appears, you can close the page. The seed phrase is the deepest line of all: anyone asking you for your seed phrase, in any situation, is a scammer, without exception.
The right move: do not scan QR codes of unknown origin, do not connect your wallet to unfamiliar sites, and do not sign approval requests you do not understand. Binance events come from only two sources: the official announcements inside the app, and the events page on the official site. Anything seen elsewhere is fake until you confirm it through an official channel.
Pig butchering: romance and signal groups, twinned
The pig-butchering script has not changed in decades; only the props have, and today the prop is cryptocurrency. Two lines run to the same destination.
The romance line: an attractive stranger you met on a dating app clicks with you, and after a few weeks starts casually showing off investment gains and warmly offering to bring you along. You are steered to a fake trading platform to deposit, and the first few small deposits "profit" and can even be withdrawn, which is the feed put out for the pig. Once you raise your stake, withdrawals suddenly "need a tax" or "the account is frozen," and you are told to send more to release it, until you wake up or run dry.
The signals line: somehow you get pulled into an "inside information" group, a "mentor" posts winning trades every day, and the screen fills with "made a fortune following the mentor," most of it planted. The arc is the same as the romance line: you are directed to a designated platform, or asked to let the "mentor" trade for you, and a little sweetness is followed by a big harvest.
The tell: an online contact who talks investing soon after meeting; a "mentor" posting profit screenshots; the address of a trading platform you have never heard of; withdrawals that need a tax to release. Hit any one of these and the alarm should ring.
The right move: anyone talking investment on a dating app gets blocked, with no agonising over whether they were sincere; anyone asking to trade on your behalf, or to have you deposit to a designated platform, is refused flat; trade only inside the official app you downloaded yourself. If you are unsure whether a platform is real, run it through the framework for assessing platforms in is Binance safe.
Transfer scams: private deals that bypass escrow
The safety of P2P trading rests on platform escrow: the buyer pays, the seller releases, and it all happens inside the order flow while the platform locks the seller's coins until the trade completes. The moment you leave that flow for a private deal, the protection drops to zero.
The scammer's lines are always appealing: "cancel the order and transfer privately, the fee is lower," "the platform is slow to credit today, I will send straight to your wallet, instant," "add me on WhatsApp for a better long-term price." The instant you agree, a protected trade becomes a naked transfer. Sellers face a classic trap too: the other side sends a payment screenshot to rush you into releasing the coins, while not a cent has actually landed in your bank account.
The tell: any proposal to "leave the order flow." However reasonable the reason, however high the other side's rating, the moment the topic drifts toward "cancel the order," "transfer privately," or "chat somewhere else," it is a danger sign.
The right move: stay inside the order flow the whole way; before releasing coins, log into your own bank app and confirm the money truly arrived, trusting no screenshot; if the other side defaults, use the platform's appeal process. How to pick sellers and operate safely is in Buy USDT on P2P.
Already scammed? What you can still do
Here is the honest part first: the odds of recovering scammed assets are not high. On-chain transfers are irreversible, and once the scammer has the funds they usually move, split, and mix them within minutes. Even so, the steps below are still worth taking:
- Preserve evidence: chat logs, transfer records, the other side's addresses and accounts, and the URLs of the fake sites, all screenshotted and archived.
- Report to the platform: if the scam involves a Binance account or a P2P order, report it at once through in-app support or the Help Center and ask to freeze the other party's account, because if the assets are still in a verified account on the platform, a freeze has a chance.
- File a police report: take your evidence to the police even when the amount is small, because many scams are investigated jointly, and your evidence may be one piece of the picture.
- Stop the bleeding to prevent a chain reaction: if you leaked a password or a verification code, change the password immediately, reset 2FA, and check the device list to shut off a second loss.
One meta-rule that covers every variant
Scams keep reinventing their form, an airdrop today and a wealth product tomorrow, but the core is single, so the countermeasure needs only one meta-rule: any money-making opportunity that finds you first is a scam by default.
Treat it as the default value, rather than waiting for the other side to slip up before you judge. Real opportunities do not go around privately messaging strangers one by one; a stranger eager to "make you rich" is not after your happiness. And the rule harms nothing legitimate: an announcement you went to the official site to read, information you checked yourself, a decision you made after your own study, none of these count as being "found."
Beyond avoiding scams, put your account defences up too: two-factor authentication, an anti-phishing code, and a withdrawal whitelist make it hard for a scammer to succeed even with some of your information, and the setup is in Binance account security, done in twenty minutes. For any channel you are unsure of, check it on the official verification channel before you act, a habit that on its own blocks most scams.
Frequently asked questions
Will Binance support ever contact me first?
No. Binance's official support only helps through the live-support window inside the app and on the official site, and it never phones you, adds you on WhatsApp, or messages you first on Telegram. Any support agent who comes to you first can be treated straight away as fake.
How do I confirm whether a site or account is really Binance?
Use the Binance official verification channel. Paste in the suspicious URL, email, phone number, or social account, and it tells you whether it belongs to an official channel. That is far more reliable than eyeballing the domain, so check anything you are unsure about.
Can coins lost to a scam be recovered?
Honestly, the odds are low. On-chain transfers are irreversible, and scammers usually move and mix the assets fast. It is still worth keeping evidence, reporting to the platform, and filing a police report, and if the assets flowed into a verified exchange account, a freeze and trace have some chance. Be wary of any paid recovery service, which is essentially a second scam.
How do I tell a fake Binance app from the real one?
The most reliable method is to trust only the download source: enter the app store or get the installer from the download page on the Binance official site, do not tap search-engine ad slots, and do not scan QR codes of unknown origin. After installing, check the developer details, and set an anti-phishing code before you log in.
On P2P, can I cancel the order and transfer privately if asked?
No, that is a classic scam opener. Cancel the order and transfer afterward, and the trade leaves platform escrow, so once the coins or money are handed over and the other side disappears, you have no protection. Whatever reason they give, a lower fee or faster crediting, complete the trade inside the order flow.
There is a bleak truth in writing this kind of article: the people who read it carefully tend to be cautious already, while the ones who need it most are in some "rewards group" right now, certain they have met a benefactor. If this piece helped you, forward it to the friend or family member who recently started chatting with you about "investment opportunities," because heading off one is one saved. If you meet a new trick this article did not cover, write to [email protected] and we will add it.