Why holidays attract crypto scammers
The holiday season is supposed to be about rest, family and celebration. Unfortunately, it is also one of the busiest times of the year for cybercriminals.
Scammers take advantage of increased online shopping, festive promotions and emotional spending to trick people into handing over their money.
For cryptocurrency users, these scams can be especially damaging because crypto transfers are typically irreversible. Scammers know crypto transactions are irreversible, and many people are still learning how to handle their assets safely.
So, how do scammers target crypto users during the holidays, and what tactics do they use?
Let’s find out.
During the holidays, several conditions make scams easier to carry out and harder to detect.
-
First, people spend more time online. Between online shopping, travel bookings and festive social media activity, users see more ads and messages than usual. Scammers use this extra noise to slip in fraudulent links or fake offers.
-
Second, emotions run high. People are more generous, optimistic and sometimes stressed. Scammers know emotions can cloud judgment. They exploit this by offering “holiday bonuses,” “Christmas giveaways” or “year-end investment opportunities” that sound time-sensitive and exciting.
-
Third, people are distracted. With busy schedules and celebrations, fewer users take the time to verify links, apps or wallet addresses. A small lapse in attention can lead to significant crypto losses.
Which crypto scams surge as fraudsters exploit the festive season?
From phishing emails and fake wallet apps to bogus token sales and romance scams, criminals ramp up schemes during the holidays, targeting users with promises of bonuses, investments and love, all to steal crypto.
Phishing emails and fake wallet websites
Phishing scams remain one of the top ways criminals steal crypto. During the holidays, they often disguise phishing attempts as promotions or account alerts.
For example, an email may appear to come from a trusted exchange like Coinbase or Binance, claiming you have received a “holiday bonus.” The message includes a link to a fake login page. Once you enter your credentials, the attacker drains your account.
Scammers have also created fake wallet apps that mimic real ones. In past holiday seasons, security teams have found fraudulent apps on Google Play and the Apple App Store posing as popular wallets. Once installed, they request private keys or seed phrases, which are then sent to scammers.
Fake investments and token presales
Fraudsters often set up fake investment platforms or “holiday token presales.” They promise guaranteed returns or exclusive early access to a new coin or non-fungible token (NFT) collection. Victims are asked to deposit crypto on the platform. After enough people invest, the website disappears, and the scammers vanish with the funds.
In late 2025, authorities in London arrested five men suspected of running crypto scams that may have cost victims over 1 million British pounds. The schemes reportedly involved websites claiming to offer presale investment opportunities in new cryptocurrencies. This is a common pattern in fake presale scams that promise big returns.
Romance and “pig butchering” scams
The holidays can be lonely for some people, which can make them more vulnerable to emotional manipulation. In these scams, often called “pig butchering,” criminals create fake identities on dating or social platforms and build trust over weeks or months. Eventually, they introduce crypto as a shared “investment opportunity.”
In one of the most widely reported romance crypto scams, Shreya Datta, a tech professional based in Philadelphia, lost $450,000 after meeting a man on the dating app Hinge who claimed to be a French wine trader.
Over several weeks, he gained her trust and persuaded her to invest in what appeared to be a legitimate cryptocurrency trading platform. The deception unraveled only when the app demanded a 10% “income tax” fee before allowing withdrawals. That prompted Datta’s brother to investigate and uncover the fraud.
Many of these frauds intensify around Christmas and New Year, when victims are more emotionally vulnerable and online communication increases.
Did you know? A new campaign called “SparkCat” has been reported to have infected Android and iOS apps on official stores with a malicious SDK that uses optical character recognition (OCR) to steal crypto wallet recovery phrases. According to Kaspersky, the tainted apps were downloaded more than 242,000 times on Google Play, and many developers were likely unaware their apps had been compromised.
Impersonation and recovery scams spike during the holidays
Fraudsters pose as regulators, exchange staff or even charity organizers to trick victims into transferring funds. Others impersonate tech support or recovery agents to exploit people who have already been scammed.
Impersonation and fake…
cointelegraph.com