How often is the GACS scam database updated?

Continuously. New impersonator handles, wallet addresses, and phishing domains are ingested every few minutes from user reports and our scanners. Trend reports refresh every 24 hours.

Is the GACS scam database free to use?

Yes. Every lookup is free and anonymous. You can search a handle, wallet address, or URL without signing up.

Does GACS store personal data on the people who search?

No personally identifying data is stored. Searches are logged in aggregate (count and category) for trend reports but not tied to any user identity, IP, or browser fingerprint that could re-identify someone.

Where does the data come from?

Three sources: public scam reports submitted through gacs.app, automated scans of social platforms and on-chain activity, and partner feeds from open-intel communities. No private data is scraped.

The Global Scam Database — Updated Daily (2026)

Name: GACS Global Scam Database
Creator: GACS
License: https://gacs.app/terms

What this database tracks

The GACS scam database is a public-good index of the patterns scammers use to extract money and identity from real people. It is not a list of names or accusations. It is a structured record of behaviours, infrastructure, and linguistic fingerprints that have been observed in confirmed fraud cases. As of 2026 the database covers four primary surfaces:

Impersonator account clusters. Handles across X, TikTok, Instagram, YouTube, Telegram, and WhatsApp Business that have been flagged as imitating a verified entity. Clusters are grouped by shared infrastructure — recycled bios, identical posting cadences, shared destination links — so that taking one down surfaces the rest.
Scam phrase signatures. Multi-word phrases drawn from confirmed scam DMs and comments, including the AI-generated variants that started replacing handwritten templates in 2025. Phrases are stored with category, language, and first-seen date so a journalist or platform-trust team can ask "when did this pattern emerge?" and get an answer.
Wallet and address blacklists. On-chain addresses linked to confirmed rug pulls, drainers, fake recovery agents, and pig-butchering off-ramps. Each entry carries an evidence pointer (transaction hash, source report ID) so you can audit the call.
Cross-platform fraud trails. Many 2026 scams hop platforms: TikTok comment to Telegram DM to a wallet drainer site to a Cash App tag. The database links these hops so a single search can surface every leg of a campaign.

Daily scam trends

Every 24 hours the trend report regenerates. Here is what the top of the list typically looks like in mid-2026 — the categories are stable, the specific accounts and addresses rotate constantly:

Top 10 scam types by daily volume

Recovery scams — fake "fund recovery" agents targeting victims of earlier scams. The fastest-growing category two years running.
AI celebrity impersonation — deepfake giveaway videos posted to TikTok and YouTube Shorts, redirecting to Telegram.
Wallet drainer phishing — fake airdrop and claim pages targeting Web3 wallets.
Pig-butchering on dating apps — long-con investment fraud, increasingly handed off to AI chat agents after the first week.
Fake job offers — "remote crypto analyst" roles that require a wallet deposit to start.
Cashtag and Zelle impersonation — fake customer-support handles intercepting payment-app users.
Tech support scams — pop-up and phone-based, still resilient because they target non-technical adults.
Sextortion — AI-generated nude images of real people, used as leverage.
Fake brokers — copy-paste broker sites with fabricated regulator badges.
Rugpull memecoins — paired with influencer impersonation to seed demand.

What's new in the last 30 days

A surge in deepfake voice-note "emergencies" on WhatsApp, using cloned voices of the recipient's adult children.
A new "verified deepfake-protected message" phrase template that scammers attach to outbound DMs to short-circuit suspicion.
Impersonator clusters using Threads and Bluesky as overflow infrastructure when their primary X accounts get suspended.
A wave of fake "press releases" posted to discount PR-distribution sites, used to dress up rugpull tokens with the appearance of legitimate coverage.

How GACS collects signals

The methodology matters because a bad scam database is worse than no scam database — false positives destroy real businesses and erode trust. GACS uses four signal streams, all of which are auditable:

Public reports. Anyone can submit a scam through gacs.app. Reports include the URL, handle, or address, plus optional evidence (screenshots, message text). Submissions are anonymous; we don't tie reports to accounts.
Automated scanners. Our social scanner checks handle structure, posting cadence, bio language, follower-to-following ratio, and link destinations against learned patterns. The wallet scanner checks on-chain behaviour (mixers, sanctioned addresses, drainer contract interactions).
Cross-platform correlation. When the same destination link or wallet address appears across multiple reports from different surfaces, it gets promoted from "watch" to "confirmed". Single reports never trigger a public flag on their own.
Partner feeds. Where available, we ingest open-intel signals from anti-fraud communities, chain-analytics providers, and APWG-style exchanges. Every external source is attributed.

No personal data is stored on searchers. When you look up a handle, we log the category and count for trend reports — never your IP, browser fingerprint, or session in a form that can be re-identified. That is enforced at the database layer, not just in a policy document.

How to use the database

Search

Paste a handle, a URL, or a wallet address into the scanner on any GACS tool page. You get back a verdict (Safe, Caution, or Danger), the matching signals, and — if the entity is part of a known cluster — links to the related accounts. No login required.

Scan

Beyond one-off lookups, the scanner can run on your following list or your recent DMs to surface impersonators already inside your orbit. Use this monthly if you have a public following; weekly if you are over 100k followers.

Report

If you encounter a scam not in the database, submit it. Every confirmed report makes the next search faster for someone else. Reports take 60 seconds and require no account.

How to protect yourself

A scam database is a verification tool, not a force field. The actual safety checklist is short and old:

Verify before sending. Any payment request — by anyone, on any platform — gets a second-channel check. Phone the person on a number you already had. Reply to an old email thread.
Treat urgency as a red flag. Real institutions do not require action in the next 30 minutes. Scammers do, because urgency disables verification.
Never approve a wallet transaction you don't fully understand. If the signature prompt has a function name you don't recognize, decline and look it up.
Use a hardware wallet for anything above pocket change. Browser wallets are fundamentally exposed to drainer sites; hardware wallets are not.
Run a free scan before you act on a DM about money. Five seconds of friction prevents most losses.

Bottom line

The Global Scam Database exists to put a verification step between a scammer's pitch and a victim's wallet. It is free, anonymous, continuously updated, and built on signals you can audit. Use it before you send; use it before you sign; and if you see something it has missed, report it so the next person doesn't get hit.