Learn · Crypto safety · Updated June 2026
Crypto transfers are final. There is no chargeback, no fraud department, no reverse. Run these five checks first.
Paste the address into the GACS Wallet Checker. If it's flagged, stop. If it's clean, that's necessary but not sufficient — run the four other checks below before sending.
Start with the GACS wallet checker — it cross-references community reports, drainer fingerprints and partner threat feeds. If the address appears, stop. If it doesn't, that's necessary but not sufficient — keep going.
A fresh wallet with zero history that's asking you to send funds is a red flag on its own. Established wallets transacting with known sanctioned addresses, mixers, or drainer contracts are an immediate stop. Use a block explorer (Etherscan, Solscan, BscScan) and look at who they send to and receive from.
If you're being asked to sign a transaction or approve a token rather than just send a payment, slow down. Wallet drainers don't need your seed phrase — they need a single approval signed in your wallet. Read what your wallet shows; if you can't understand it, don't sign it.
If someone says 'send to my Binance deposit address' or 'this is my Coinbase wallet', that should be a freshly generated deposit address starting with the chain's standard format and visible inside your own exchange dashboard. Anyone who DMs you a wallet address out of context is not who they say they are.
OFAC, UK OFSI, and EU sanctions lists publish addresses tied to North Korea (Lazarus), ransomware groups, and sanctioned exchanges. Sending to them isn't just risky — it's potentially illegal in your jurisdiction.
The wallet address is just the destination. Most modern crypto scams don't fail at the address layer — they fail at the approval layer. A pig-butchering victim sends to a real exchange deposit address that does belong to them; the scammer's control is at the front end where withdrawals are blocked until a fake "tax" or "unlock fee" is paid. A wallet-drainer victim signs a single approval on a phishing site; their tokens are drained from a wallet whose address never appears in any scam database, because the loss happened through permit or setApprovalForAll, not a transfer.
The practical implication: read every signature your wallet shows you. If you can't articulate what permission you are granting and to whom, reject. Run the five checks above on the destination, but treat the approval itself as the real attack surface.
No wallet is 'safe' in the abstract — only safe for a specific transaction with a known counterparty. Run all five checks: search confirmed-scam databases (GACS wallet checker), look at on-chain history and counterparties, watch for approval/signature traps rather than plain transfers, verify the destination matches the entity claiming to own it, and cross-check OFAC sanctions lists. If any check fails, don't send.
A wallet drainer is a malicious contract that, once approved, can transfer your tokens or NFTs out of your wallet without your seed phrase. They're hidden behind 'free mint,' 'airdrop claim,' 'connect to verify' and fake support links. Avoid them by treating every signature request as a potential drainer: if you can't read the function and arguments your wallet is showing, reject. Use a hardware wallet for any address holding meaningful value, and a separate burner wallet for new dapps.
Sometimes — but only if you move fast and only through legitimate channels. If the funds touched a centralised exchange (Binance, Coinbase, Kraken, OKX), file an immediate fraud report and ask them to freeze the deposit address; some exchanges will hold funds pending law-enforcement requests. File with your country's cybercrime unit and the FBI's IC3 if any party is US-linked. Be extremely wary of 'recovery experts' contacting you afterwards — recovery-scams are a multi-billion-dollar second wave of fraud targeting recent victims.
No. Etherscan's 'verified contract' label means the contract source code matches what was deployed — it's a transparency feature, not a safety endorsement. Plenty of verified contracts are drainers; their source code is malicious but visible. Always check what a contract actually does, not just whether it's verified.
Hardware wallets protect your private key, not your judgement. If you sign a malicious approval on a hardware wallet, the drainer still works — the device just confirmed you really meant to approve it. The hardware wallet's job is to make sure you see what you're signing on a separate screen; if you ignore that screen, the protection is gone.
