Domain server

Crypto domain spoofing and how to avoid these scams

By IST (Released)


Domain spoofing has been around for a while. Previously, scammers used this method to imitate the domains of banks and other traditional financial institutions. Now bad actors are using this exploit in the crypto world.

Crypto scams have plummeted this year. At the end of July, bad actors took away $1.6 billion in ill-gotten funds, 65% less than the figure for the same duration in 2021. However, that doesn’t mean we can let our guard down.

Scammers are always looking for new ways to steal your crypto holdings. And one of the latest methods used by attackers these days is domain spoofing. It is the act of impersonating the website of well-known crypto exchanges, DeFi platforms, DApps, etc.

Unknowing victims interact and transact with these bogus websites and lose lots of money. So follow us as we take a closer look at domain spoofing and learn some best practices for securely transacting in the cryptoverse.

The almost perfect domain

Domain spoofing has been around for a while. Previously, scammers used this method to imitate the domains of banks and other traditional financial institutions. Now bad actors are using this exploit in the crypto world.

Imitations have also become harder to spot. Crooks now use Unicode symbols to replace standard English characters. These symbols look like letters, making it easier to get past the defense of unsuspecting victims.

For example, they can use an inverted exclamation mark (¡) as an “i” in a link. Or they can insert the Greek letter symbol alpha (“α”) as an “a”. They can also use simpler methods such as an extra letter or a zero instead of “o”. To the untrained eye, these look like legitimate domains. Moreover, scammers use well-designed fakes of genuine websites, which makes it even harder to tell the difference.

How do these scams work?

Most often, scammers use fake offers to lure their victims. These offers will come to you via email, tweet or even SMS. They will try to send you to the fake domain they set up, and since the URL looks legit, most people take the bait and click the link.

Now they land on a seemingly legitimate page, where they will be asked to provide their login credentials to continue. Crooks can track typed characters and letters, giving them access to the victim’s accounts. Once they gain access to their accounts, they will likely empty the funds entirely.

Best practices to avoid domain spoofing

Pay close attention to spelling

Domain hijackers get most of their victims by creating near-perfect websites with an extra letter or number. Therefore, if you pay close attention to the domain name in the address bar, you can easily spot the bad ones. Besides spelling, scammers sometimes create exact match URLs, but with a different top-level domain. For example, instead of the actual ‘.com’ domain, scammers can use ‘.in’ or ‘.net’ or something completely random like ‘.xyz’.

Bookmarks are your best friends

Bookmarking trusted websites is a great way to avoid spoofed domains. If you receive an offer purporting to be from one of the platforms/projects you know and use, just click the bookmark instead of the embedded link in the email, tweet or SMS you received.

look for the lock

The padlock on the address bar is your first sign of trust. This indicates that the connection between your web browser and the website server is encrypted. It also ensures that the website you are visiting has its required SSL certificate. Scammers usually don’t go that far to create a fake domain. Either way, you should always do your due diligence before disclosing financial information on a website.

More than one wallet is a good thing

If you are new and still exploring the crypto world, use a wallet with very limited funds. This way the damage is limited if you get caught in a scam. Wallets in the cryptosphere are practically unlimited and free, so why not? When sharks and whales can do it, so can you.

Check offers

It is not uncommon for crypto platforms to offer lucrative offers. They could give users access to exclusive airdrops or free tokens for users who perform specific tasks. However, it is worth checking out these offers on the official website (which you hopefully bookmarked) or their official social media handles. You can also participate by visiting the official website and following the process, rather than clicking on the link you received in an email, tweet or text message.


These types of social engineering scams leave the ball in your court. They need the victim to play into the trap for the fraud to work. Therefore, doing your due diligence can ensure that you don’t fall victim to such exploits. And now that you know what to look for, it should be much easier to spot spoofed domains.