If you are a Tier 1 crypto media salesperson in 2025, chances are you have an imposter.
These are often fake Telegram, X, or LinkedIn accounts that provide “Tier-1 PR” to unsuspecting businesses, simply by sharing their personal USDT wallet address at the time of payment. Cointelegraph has seen many such cases.
In October 2025 alone, a Telegram profile was styled “Tobias Vilkenson | Cointelegraph.” BNB Chain sent a message asking them to “take some time to chat and feature BNB Chain in an article on Cointelegraph,” linking to an X account of the same name with over 6,000 followers. This is a textbook scammer’s game. They borrow the credibility of a news organization, promise an interview, then move the target to a private direct message (DM), where the scam continues.
Other Cointelegraph journalists have also reported scammers using their names and photos this year, including Erhan Karaman, Turner Wright, and Amin (Ruholamin) Hakshanas.
It’s not just Cointelegraph: Impersonators will be everywhere in 2025
Spoofing has become one of the most common social engineering tactics in cryptocurrencies this year. It is used to steal data, drain wallets, and blur the line between trusted media and outright fraud. Here are some examples:
August 2025: Fake CoinMarketCap “Journalist”
Several crypto projects received interview requests from email addresses such as team-coinmarketcap.com and matching X accounts posing as former CoinMarketCap reporters.
Once the “meeting” began, the scammer asked participants to adjust their Zoom settings and approve the remote control request, immediately granting the scammer access to their devices. CoinMarketCap later acknowledged that the sponsorship was fake and issued a public warning.
September 2025: The Empire Podcast Trap
Scammers replicated the branding of the popular podcast Empire and invited influencers to “record interviews” through fake StreamYard and Huddle links. This download silently installed AMOS stealer malware on macOS and siphoned browser cookies and cryptocurrency wallet data.
April 2025: Hong Kong deepfake officials
An AI-generated realistic video of Hong Kong Chief Executive John Lee Kathu has gone viral online promoting the “Official Investment Plan.” Authorities quickly debunked it and traced the scheme to a Telegram group connected to overseas scammers. Just a few weeks ago, a similar deepfake featuring the city’s Treasurer promoted a fake “National Hong Kong Coin.”
March 2025: “Binance Support” text scam
More than 100 Australians received SMS messages claiming their Binance accounts had been compromised. Victims were told to move their funds to a “secure wallet” for protection, which of course belonged to the attacker.
Summer 2025: Fake regulators on the rise
The UK’s Financial Conduct Authority (FCA) received approximately 5,000 reports in the first half of 2025 from individuals who were contacted by fraudsters posing as FCA employees. Scripts often start with a line like “Your crypto assets have been recovered” and end with a request for personal information or access to your wallet.
In all these cases the pattern is the same. That means a familiar identity, a quick transition to a private channel, and a request that disrupts the normal process, whether it’s a download, wallet transfer, or “verification.”
This is social engineering wrapped up in cryptocurrency branding, and it works because it looks legitimate at first glance. This is exactly why clear verification steps – checking author pages, domains, and official contact links – are more important than ever.
Did you know? In 2024, identity theft (or “spoofing”) fraud alone will cost consumers $2.95 billion in the United States.
Why is identity theft now on the rise?
Two major changes led to an explosion in identity theft in 2025.
First, X has overhauled its trusted verification system and replaced it with different monetization tiers to access premium benefits. The blue check no longer indicates authenticity, but simply indicates that the user is paying for X Premium. The previous “Notable and Verified” badge is gone, and ID verification is present, but it is optional and inconsistently enforced.
The result is a messy situation where cloned accounts can appear just as legitimate as the real ones. Some scammers purchase premiums to increase the authenticity of their fakes.
Second, identity fraud is booming in all industries, not just the crypto industry. Last year, the Federal Trade Commission (FTC) reported a record $12.5 billion in consumer fraud losses, and senior citizen identity theft more than quadrupled.
A report from the Federal Bureau of Investigation’s Internet Crime Complaint Center lists phishing and spoofing as the top categories of complaints. This has become one of the most lucrative forms of online crime, and the cryptocurrency sector remains a prime target, as everything takes place in public and anyone can contact you through DMs.
It’s not just some random scammer. Even regulatory authorities are being impersonated. In January 2024, the U.S. Securities and Exchange Commission’s official
Imagine how easy it is to impersonate a single journalist when an entire government agency can be cloned or compromised.
scammer’s playbook
Here’s how these scams typically play out, based on first-hand reports and platform data this year.
-
“Let me introduce you – can I move you to Telegram?” often begins with a polite DM from a familiar name on X, followed by a request to continue the conversation on Telegram. The clone handles there look almost identical to the real ones.
-
They demand a fee or “quick compensation” – classic lore. Sponsored content on Cointelegraph is clearly labeled and managed by a separate commercial team. No reporter ever asks for money for coverage. If someone does, it’s a scammer or, at best, a fake PR pitch disguised as an editorial.
-
They will send you a “quick zoom” or “confirmation link”. Phishing emails and DMs often copy a staff member’s name or spoof a company’s domain to convey urgency, with messages like “Learn more” or “Click here to schedule.” The FTC’s advice is simple. Don’t click on anything unexpected. Always confirm your contacts through known channels.
-
Similar handles and empty profiles are common. In X, scammers rely on slight misspellings, recent account creation dates, and copy-pasted posts. Some people buy premium for the blue check. Although X’s policy technically prohibits “misleading and deceptive identities,” reporting and removal often lags behind fraud.
-
They use pressure and secrecy. You’ll see lines like “Please keep this confidential” or “This must be completed within an hour.” In some cases, we may request your cryptocurrency wallet address for “verification” or “reward distribution”. That’s a stop sign. These are clear characteristics of social engineering attacks reported by cybersecurity agencies around the world.
If you see one of these in your inbox or DM, stop before responding. In the next section, we’ll walk you through a one-minute verification routine that will prevent you and your project from falling into the scammers’ trap.
Did you know? Telegram launched @notoscam after a surge in impersonation scams (fake accounts pretending to be trusted people or media brands) prompted users to need an official and easy way to report them.
Verify Cointelegraph in 60 seconds
-
Start with the source, the author page. If someone claims to be a Cointelegraph writer or editor, check their website first. All authors have a byline and, if applicable, a profile that lists verified social links, including this article’s author (Bradley Peak) link.
-
Check your email domain and contact channel. Actual Cointelegraph emails are always sent from @cointelegraph.com. If you are unsure, before replying,[概要/お問い合わせ]Please confirm your contact information using the address provided on the page.
-
Check the health of the X handle. Look out for subtle misspellings, recent creation dates, and sparse posting history. Note that in X, blue checks primarily indicate paid premium subscriptions and not traditional “notable and genuine” verification. If you see something you suspect to be fake, please report it via the X impersonation form. You can also submit as a bystander without an account.
-
Look at Telegram’s pivot. Many scammers will try to move you to Telegram using almost the same handle. If so, please check within the app and report it through the official @notoscam bot on Telegram or the reporting option on your profile.
-
If in doubt, please refer to the official website. Please do not proceed via DM. Use the contact addresses listed on the Cointelegraph website so that the appropriate team can verify whether your outreach is genuine.
5 easy ways to spot fake accounts
1. The handle looks about right, but not quite
Double characters, swapped characters, or extra underscores are easy to miss at first glance. Scammers rely on it. Always check the spelling for accuracy before assuming a profile is genuine.
2. Profile history is meaningless
Red flags are if a newly created account has only a few posts, no real replies, and lots of reused or copied content. Scammers often clone images and bios from legitimate profiles to appear established, but their posting patterns can often reveal this.
3. Try to move the chat off the platform immediately
A simple invite to Telegram or WhatsApp is one of the oldest tricks in the book. When someone advocates for a platform change, stop and look at who they are talking to. Telegram also operates an official @notoscam bot for reporting exactly this type of scam.
4. Mention money or “quick compensation”
Cointelegraph reporters do not request cryptocurrency payments or “coverage”. Editorial work and sponsored partnerships are handled separately through official channels and are clearly labeled as such. If someone mentions payment in a DM, it’s a scam.
5. I feel uncomfortable with emails and links.
Be on the lookout for near-miss domains or messages that prompt you to click right away. Regular staff do not rush communication. If you think something is urgent or out of place, please check with us using the contact information provided directly on the Cointelegraph website.
Cointelegraph’s commitment to readers
At Cointelegraph, editorial independence is non-negotiable. Reporters and editors do not handle sponsorships or paid referrals, and all commercial content is clearly labeled and kept separate from the newsroom. Readers can always tell the difference between editorial coverage and sponsored material.
Verification is easy. Every team member has an author page on cointelegraph.com that includes a byline and verified social links where relevant. If you receive a communication claiming to be from one of our writers, please first check that page or contact us at the address listed in the About section of the website.
Cointelegraph will also update the author’s bio to include their official LinkedIn and X handles, allowing readers and partners to instantly verify their identity.
In an industry crowded with impersonators, these small verification steps help keep communications transparent, trustworthy, and safe for everyone.