Join UPay

Day: May 21, 2026

Fake Crypto Exchanges: Case-Studies, How to Identify a Fake Exchange

An image with the write up: fake crypto exchanges.

Fake crypto exchanges stole more money from victims in 2024–2025 than in any prior period with the FBI reporting $5.6 billion lost to crypto fraud in 2023 alone, a 45% year-over-year increase. The majority of these losses involved fake or fraudulent trading platforms. These platforms are no longer crude websites. The most dangerous ones used in pig butchering scams are sophisticated, mobile-optimised applications with live support chat, fabricated price charts, and real-looking withdrawal confirmations designed to extract multiple deposits before disappearing entirely. This guide covers how to identify a fake exchange before you deposit, the specific red flags scammers try to hide, a list of known fraudulent platforms, and what to do if you’ve already been targeted. How to spot a fake crypto exchange Full identification checklist, named examples, scam type breakdown, and reporting guide below. What Are Fake Cryptocurrency Exchanges? Fake cryptocurrency exchanges are fraudulent platforms that mimic the appearance and functionality of legitimate crypto exchanges but are designed to deceive users.  Unlike genuine exchanges, which facilitate secure and transparent transactions, fake exchanges aim to scam investors out of their money. These fraudulent platforms may offer unrealistic trading benefits, extremely low fees, or promotions to lure users.  They often lack proper security measures, regulatory compliance, and customer support. The primary goal of these fake exchanges is to collect personal and financial information or to take cryptocurrencies deposited by users without allowing them to withdraw funds. How to Identify a Fake Crypto Exchange — 10-Point Checklist 1. Regulatory registration Search FinCEN (US), FCA Register (UK), or ASIC (AU). If you can’t find it in 2 minutes, it likely isn’t registered. 2. KYC process present Legitimate exchanges require identity verification. A platform that accepts deposits without any identity check is violating AML law and is almost certainly fraudulent. 3. No deepfake celebrity endorsements Platforms using AI-generated videos of Elon Musk, Vitalik Buterin, or other tech figures to appear credible are fake. No legitimate exchange advertises this way. 4. Withdrawal tested before large deposit  Deposit a small amount and attempt to withdraw it. If withdrawal is blocked, delayed, or requires additional fees to unlock, stop immediately. 5. Domain age verified Examine any promotional offers very carefully. Extremely low trading fees or offers that promise high returns with little or no risk are typical tactics used by scams to attract victims. Compare these offers with those of established exchanges. 6. Domain age verified Look for reviews on independent websites, social media, and cryptocurrency forums. A legitimate exchange will likely have a mixture of positive and negative reviews that reflect genuine user experiences. Be wary if there are no reviews or if all reviews seem overly positive and non-specific, as these could be fabricated. 7. Withdrawal Process Verify the withdrawal process by reading user feedback and official policies. Many fraudulent exchanges allow for deposits and trading but make it very difficult to withdraw funds, often requiring excessively high minimum balances or imposing unjustified fees. 8. Company Background and Leadership Investigate the history and reputation of the company running the exchange. Look into the backgrounds of the leadership team for their experience and credibility in the financial or tech industries. Lack of clear information about the company’s leadership or ownership should raise concerns. 9. Physical Address and Contact Information Verify the physical presence of the company through its registered address. Scams often do not provide an address, or the provided address may lead to non-business locations or virtual offices. 10. Use of Escrow for Transactions Check whether the exchange uses a secure and reputable third-party escrow service for transactions, which can protect both buyers and sellers by holding the funds until all parties fulfill the terms of the transaction. Related: Ultimate Guide To Recover Money From Crypto Scam Most Common Scams Linked to Fake Cryptocurrency Trading Platforms 1. Pig Butchering Scam (Sha Zhu Pan) — Most Financially Devastating Pig butchering (from the Chinese shā zhū pán, meaning slaughter the pig) is the single most prevalent and financially devastating scam type linked to fake crypto exchanges in 2024–2026, according to the FBI. The mechanics are as follows: 2. Pump and Dump via Fake Exchange Some fraudulent platforms list obscure or entirely fictitious tokens and artificially inflate their price using coordinated purchasing. Victims are recruited through social media to buy the token before it explodes. Once the price peaks and enough real buyer money has entered, the scammers sell their holdings, crashing the price to near zero. The fake exchange facilitates the transaction, takes its cut, and often blocks withdrawals after the crash. 3. lone Exchange Phishing A clone exchange replicates the design of a legitimate platform (Binance, Coinbase, Kraken) with a near-identical URL. When a victim enters their login credentials, those credentials are captured in real time and used to drain the genuine account. Unlike pig butchering, clone exchanges target existing crypto holders rather than newcomers, often more experienced users with larger balances who drop their guard because the platform looks exactly right. 4. Fake Initial Coin Offering (ICO) via Fraudulent Platform Fraudulent platforms host fake token sales, presenting professional whitepapers, countdown timers, and fabricated investor interest. The ICO raises real money, the token never launches or has any value, and the platform disappears. These scams are particularly common in bull markets when new project launches attract mainstream interest and less due diligence. What to Do If You Recognise One of These Scam Types If you have been targeted by any of the above, the following steps apply regardless of scam type: Case Studies of Fake Crypto Exchanges Spoofed Coinbase Pro (2024) — Clone Website Attack In 2024, Indian national Chirag Tomar was convicted in the United States for operating spoofed Coinbase Pro login pages that outranked the genuine site on Google Search results for brief periods. Visitors entering their login credentials had their accounts immediately drained. Impact: Over $20 million stolen from victims across multiple jurisdictions before the operation was shut down by US federal investigators. Lesson: Always navigate to crypto exchanges by typing the URL

Anti Money Laundering in Cryptocurrency — What It Means for You

AML in crypto

Anti-money laundering (AML) in cryptocurrency refers to the laws, regulations, and compliance procedures that require crypto businesses to detect, prevent, and report illicit financial activity. Money laundering, the process of disguising the origins of illegal funds, is a major concern for regulators and threatens the legitimacy of the entire cryptocurrency market. For cryptocurrency exchanges, wallet providers, and virtual asset service providers (VASPs), AML compliance is not optional. It is a regulatory requirement enforced by bodies including the Financial Conduct Authority (FCA) in the UK, FinCEN in the US, and shaped globally by the Financial Action Task Force (FATF). This guide explains how crypto AML works, what regulations apply to your jurisdiction, which tools and practices are required, and how UK-based crypto businesses can build a compliant AML framework. Why is AML Important in Cryptocurrency? Shutterstock The aim is to ensure that cryptocurrencies are used for legitimate purposes and not for activities like fraud or funding terrorism. However, because crypto transactions can be sneaky and happen anywhere in the world, Anti Money Laundering in cryptocurrency needs smart technology and cooperation to work effectively. Read Also: How to Remove Crypto Mining Malware, Crypto Recovery Companies. How Anti-Money Laundering Works in Cryptocurrency — A Step-by-Step Framework 1. Risk Assessment Before onboarding any customer, a crypto business must conduct an AML risk assessment. This means evaluating the specific risks posed by the platform’s products, customer base, geographic exposure, and transaction types. The risk assessment forms the foundation of the entire AML programme and must be reviewed regularly. 2. Know Your Customer (KYC) and Customer Due Diligence (CDD) Every customer must be identified and verified. Standard CDD involves collecting government-issued ID, proof of address, and assessing the customer’s intended use of the platform. For higher-risk customers, including Politically Exposed Persons (PEPs) and those from high-risk jurisdictions. Enhanced Due Diligence (EDD) applies, involving additional verification, source-of-funds checks, and ongoing monitoring. 3. Know Your Business (KYB) For corporate customers, exchanges must verify the business entity itself, identify Ultimate Beneficial Owners (UBOs), and assess the business’s own AML risk profile. 4. Transaction Monitoring VASPs must continuously monitor transactions on their platform for suspicious activity. This includes unusually large transfers, rapid movement between wallets, transactions involving sanctioned addresses, and patterns consistent with layering or smurfing. 5. Blockchain Analytics Blockchain analytics tools (such as Chainalysis, Elliptic, and TRM Labs) allow exchanges to trace the origin and destination of funds on-chain, identify connections to known illicit wallets, and generate risk scores for wallet addresses. 6. Sanctions Screening Every customer and transaction must be screened against international sanctions lists, including OFAC’s Specially Designated Nationals (SDN) list, the UN Consolidated list, and the UK HM Treasury Sanctions list. 7. Suspicious Activity Reporting (SAR) When suspicious activity is detected, VASPs are legally required to file a Suspicious Activity Report with the relevant Financial Intelligence Unit (FIU). In the UK, this means reporting to the National Crime Agency (NCA). Failure to file is itself a criminal offence. 8. Travel Rule Compliance For transactions above the relevant threshold (typically £1,000 in the UK), VASPs must collect and transmit sender and recipient information alongside the transfer. This applies to transfers between VASPs and is enforced by the FCA. 9. Record-Keeping All customer data, transaction records, and AML compliance activities must be retained for at least five years. These records are subject to inspection by regulatory authorities. 10. Employee Training All staff must receive regular AML training appropriate to their role. The Money Laundering Reporting Officer (MLRO), a mandatory position for FCA-registered firms is responsible for maintaining the training programme and ensuring regulatory returns are filed correctly. The Three Stages of Money Laundering — How Crypto Is Used at Each Stage Stage What Happens How Crypto Is Exploited AML Control Placement Illicit cash or funds are introduced into the financial system for the first time Purchasing cryptocurrency at exchanges or peer-to-peer platforms using cash; depositing to a non-KYC exchange; using a crypto ATM with no verification KYC at onboarding; cash-to-crypto monitoring; crypto ATM operator registration Layering Funds are moved through complex transactions to obscure their trail and make tracing difficult Passing funds through multiple wallets; using mixers/tumblers; swapping between cryptocurrencies; using privacy coins (Monero, Zcash); exploiting DeFi protocols Blockchain analytics; transaction monitoring for layering patterns; sanctions screening on wallet addresses Integration Laundered funds re-enter the legitimate economy appearing as clean money Converting crypto to fiat and withdrawing; purchasing assets (real estate, NFTs, luxury goods) via crypto; business accounts receiving “crypto income” Source-of-funds checks during large withdrawals; Enhanced Due Diligence; monitoring for cash-out patterns Crypto AML Regulations in the UK — FCA Requirements and Obligations The United Kingdom has one of the most active regulatory environments for cryptocurrency AML compliance in the world. The key regulatory framework consists of: 1. Money Laundering Regulations 2017 (MLRs 2017) The primary UK legislation requiring crypto asset exchanges and custodian wallet providers to register with the FCA and implement full AML/CTF programmes.This includes KYC, CDD, EDD, transaction monitoring, SAR filing with the National Crime Agency, and Travel Rule compliance. 2. FCA Crypto Asset Registration Since January 2020, all UK-based crypto asset businesses must be registered with the FCA under the MLRs. Operating without registration is a criminal offence. As of 2025, the FCA has approved fewer than 50% of applicants, the bar for AML compliance standards is high. 3. Travel Rule (UK) The UK Travel Rule came into force in September 2023, requiring VASPs to collect and transmit sender and recipient information for transfers of £1,000 or more. The FCA enforces compliance, and non-compliant transfers must be rejected. 4. MLRO Requirement FCA-registered firms must appoint a Money Laundering Reporting Officer (MLRO), a senior individual who is personally responsible for the firm’s AML programme and for filing Suspicious Activity Reports with the NCA. 5. FCA Enforcement In 2024, the FCA issued its first enforcement action against a firm enabling crypto asset trading, fining CB Payments Limited (a Coinbase entity) £3.5 million (~$4.7 million) for AML failures including inadequate transaction monitoring and insufficient customer