You found a crypto presale. The website looks professional. The team seems credible. The whitepaper is detailed. And you are about to send your money.
Stop. This is exactly how crypto phishing scams are designed to work.
This guide walks you through every method scammers use to steal funds through fake presales — and gives you a step-by-step verification process to protect yourself.
The Scale of Crypto Presale Scams in 2025–2026
- $11 billion+ in total US crypto fraud losses in 2025 per the FBI IC3 — up 22% from 2024
- 181,565 crypto fraud complaints submitted to the FBI in 2025
- $83.85 million lost to wallet drainer phishing scams globally in 2025 (Scam Sniffer), affecting 106,106 victims
- 37% of new token launches in 2025 were rug pulls
- $4.6 billion in crypto scams in 2025 involved AI-generated deepfakes — AI deepfakes in fraud surged 700% in 2025
- Q1 2026 saw 971,181 phishing attacks — a 13.8% increase over Q4 2025
The positive signal: wallet drainer losses dropped 83% in 2025 vs 2024 ($83M vs $494M). Security tools and investor awareness are improving. You can protect yourself — but only if you know what to look for.
The 5 Methods Scammers Use on Presale Investors
Method 1: Typosquatting (Fake Official Websites)
Scammers create websites visually identical to real presale sites but with one character difference in the URL:
- Real: presaleproject.io → Fake: presaIeproject.io (capital I instead of lowercase l)
- Real: presaleproject.io → Fake: pre-saleproject.io (hyphen added)
- Real: presaleproject.io → Fake: presaleproject-official.io ("official" appended)
The fake site connects your wallet and drains funds through a malicious approval transaction. Always bookmark the official URL from the project's verified Twitter blue-check announcement. Never click presale links from emails, paid ads, or comments.
Method 2: Fake Telegram and Discord Groups
Scammers create Telegram groups and Discord servers mimicking official communities, then send direct messages saying "You have been selected for exclusive early presale access." Official projects never DM you first. Real admins communicate in public channels, never through private messages.
Method 3: Wallet Drainer Contracts
A wallet drainer is a smart contract that — once you approve it — removes all tokens and NFTs from your wallet. Drainers hide inside fake presale websites. When you click "Approve," you are signing a transaction granting the contract unlimited access to your assets. The largest single drainer theft in 2025 was $6.5 million via a Permit-style signature.
Method 4: AI Deepfake Promotions
AI deepfakes in crypto fraud surged 700% in 2025. Scammers create realistic-looking videos of Elon Musk, Vitalik Buterin, or Michael Saylor appearing to endorse a presale. Scams using AI extract $3.2 million per operation on average vs $719,000 for non-AI scams — 4.5× more revenue per scheme. No founder or celebrity promotes presales through random YouTube or Facebook ads. If you see one, it is fake without exception.
Method 5: Pig Butchering (Long-Term Social Engineering)
A scammer builds a relationship over weeks — sometimes as a romantic interest or successful investor. After gaining trust, they introduce a "private presale opportunity" on a platform they control. By April 2026, authorities had seized 503 fake investment websites and restrained $701.96 million linked to these operations. The DOJ Scam Center recovered $580 million in its first 3 months of 2026 operations.
6-Step Presale Website Verification Checklist
Step 1: Check the URL Character by Character
Is every character in the domain exactly right? No extra hyphen, letter substitution, or appended word? Bookmark official URLs only from the project's verified blue-check Twitter account or official Telegram pinned message.
Step 2: Verify SSL (HTTPS)
The site must show "https://" and a padlock. This alone is not sufficient — scam sites also use SSL. But the absence of HTTPS is an immediate disqualifier.
Step 3: Check Domain Registration Age on WHOIS
Visit WHOIS.com and enter the domain. Sites registered within the past few weeks are far more suspicious than domains registered months ago. Legitimate projects register their domain well before the presale launch.
Step 4: Cross-Reference the Smart Contract Address
Find the official presale contract address on the project's official website AND official Telegram pinned announcement. Verify it on Etherscan, TRONSCAN, or the relevant block explorer. A mismatch in any character means stop immediately.
Step 5: Verify the Audit Report Independently
Go directly to the auditor's website (certik.com, hacken.io) and search for the project. If it does not appear in their official database, the audit displayed on the presale site is fake.
Step 6: Check Scam Databases
Search the project on ScamAdviser.com, Scam Sniffer (scamsniffer.io), and CryptoScamDB. Also Google the project name plus "scam," "rug pull," and "review" — community warnings often appear quickly when a project is fraudulent.
Also review our presale risk evaluation guide for additional project-level due diligence before investing.
Instant Red Flags: Walk Away Immediately If You See These
- Guaranteed returns: "Guaranteed 10× in 30 days." Illegal in most countries and always a scam
- Artificial urgency: "Only 2 hours left!" with countdowns that keep resetting
- Celebrity deepfake endorsements: AI videos of famous figures in YouTube or Facebook ads
- Support only via DMs: No public support channel — only private messages from "team admins"
- No team information: Zero named members, no verifiable history
- Presale URL differs from main domain: Real presales live on subdomains of the main site, not different domains
- 100K followers, 3 likes per post: Classic sign of purchased fake followers
How to Protect Your Wallet from Drainers
- Use a hardware wallet (Ledger or Trezor) for significant holdings — requires physical confirmation for every transaction
- Never approve unlimited spending permissions on any contract you do not fully trust
- Regularly revoke old approvals using Revoke.cash or MetaMask's built-in approval management
- Use a dedicated "burner wallet" with only the amount you plan to invest for any new presale interaction
- Never sign a transaction you do not fully understand — research before confirming
For the legal steps if you are targeted, see our crypto presale legal guide covering reporting options by country.
What to Do If You Have Been Scammed
- Stop all transactions immediately and revoke all approvals on the malicious contract at Revoke.cash
- Report to national authorities: FBI IC3 (ic3.gov) in USA, Action Fraud in UK, cybercrime.gov.in in India
- Report the scam contract to Scam Sniffer, CryptoScamDB, and the relevant block explorer
- Do NOT pay recovery scam services — they are almost always secondary scams. The FBI recorded 10,500+ recovery scam complaints in 2025 with $1.4 billion in additional losses from victims paying fake recovery services
Glossary
- Phishing
- Scam attacks that impersonate legitimate services to steal credentials or wallet access.
- Wallet Drainer
- A malicious smart contract that removes all tokens from your wallet upon approval.
- Typosquatting
- Creating fake websites with URLs almost identical to real ones, designed to catch users who mistype or click bad links.
- Pig Butchering
- A long-con fraud where scammers build trust over weeks before introducing a fake investment platform.
- Token Approval
- A transaction giving a smart contract permission to spend tokens in your wallet. Malicious approvals allow drainers to steal assets.
- Deepfake
- AI-generated video or audio that realistically impersonates a real person, increasingly used to fake celebrity endorsements in crypto scams.
Disclaimer
Important: This guide is for educational purposes only. CryptoPresaleNews.com cannot guarantee any presale is safe. Crypto scams evolve constantly. Always do your own research. If you believe you have been defrauded, contact your national financial regulator or cybercrime authority immediately.
