If you’re a tier-1 crypto media sales representative in 2025, it’s highly likely you have an impersonator.
Fake Telegram, X, or LinkedIn accounts frequently promise “Tier-1 PR” to unsuspecting businesses, only to ask for a personal USDT wallet address at the payment stage. Cointelegraph has encountered numerous such incidents.
In October 2025 alone, a Telegram profile named “Tobias Vilkenson | Cointelegraph” messaged BNB Chain to “set up a time to chat and feature BNB Chain in a Cointelegraph article,” linking to a corresponding X account with over 6,000 followers. This is a classic impersonation tactic: leveraging a newsroom’s credibility, promising coverage, and moving targets into private direct messages (DMs) for scam continuation.
Other Cointelegraph journalists, including Erhan Kahraman, Turner Wright, and Amin (Ruholamin) Haqshanas, have reported scams using their names and photos this year as well.
It’s not just Cointelegraph: Impersonators are everywhere in 2025
Impersonation has emerged as one of crypto’s most prevalent social-engineering tactics this year: utilized for data theft, wallet drainage, and blurring the lines between trusted media and outright fraud. Here are a few instances.
August 2025: Fake CoinMarketCap “journalists”
Numerous crypto projects received interview requests from email addresses such as team-coinmarketcap.com, accompanied by matching X accounts impersonating former CoinMarketCap reporters.
Once the “meeting” initiated, the impostors instructed participants to modify Zoom settings and approve a remote-control request, thus granting scammers immediate access to their devices. CoinMarketCap eventually verified the outreach as fraudulent and issued a public warning.
September 2025: The Empire podcast trap
Scammers replicated the branding of the popular Empire podcast, inviting influencers to “record interviews” through fake StreamYard and Huddle links. The downloads covertly installed AMOS stealer malware on macOS, extracting browser cookies and crypto wallet data.
April 2025: Hong Kong deepfake officials
A hyper-realistic AI-generated video of Hong Kong Chief Executive John Lee Ka-chiu spread online, promoting an “official investment plan.” Authorities swiftly debunked it and traced the scheme back to a Telegram group associated with overseas scammers. A similar deepfake involving the city’s financial secretary promoting a fake “National Hong Kong Coin” surfaced just weeks earlier.
March 2025: “Binance support” text scam
More than 100 Australians received SMS messages claiming their Binance accounts were compromised. Victims were instructed to transfer funds to a “secure wallet” for safety, which, of course, belonged to the attackers.
Summer 2025: Fake regulators on the rise
The UK’s Financial Conduct Authority (FCA) received nearly 5,000 reports in the first half of 2025 from individuals contacted by impostors posing as FCA personnel. The scripts often began with phrases like “We’ve recovered your crypto funds” and ended with requests for personal data or wallet access.
In all these scenarios, the pattern remains consistent: a familiar identity, rapid transition to private channels, and a request that deviates from standard processes, whether it’s a download, wallet transfer, or “verification.”
It’s social engineering wrapped in crypto branding, and it succeeds because it appears legitimate initially. This is precisely why clear verification steps — checking author pages, domains, and official contact links — are more critical than ever.
Did you know? In 2024, impersonation scams alone resulted in $2.95 billion in reported consumer losses in the US.
Why is impersonation rising now?
Two significant shifts contributed to the surge in impersonation in 2025.
Firstly, X has revamped its trusted verification system, replacing it with various monetized tiers for access to premium features. The blue check no longer signifies authenticity; it merely indicates that the user subscribes to X Premium. The previous “notable and verified” badges are absent, and while ID verification exists, it’s optional and inconsistently enforced.
This has resulted in a chaotic landscape where cloned accounts can appear equally legitimate as the real ones. Some scammers even subscribe to Premium to enhance the credibility of their fakes.
Secondly, impersonation scams are flourishing across various industries, not just in crypto. The US Federal Trade Commission (FTC) reported $12.5 billion in consumer fraud losses last year, the highest on record, with impersonation cases among older adults skyrocketing over fourfold.
The Federal Bureau of Investigation’s Internet Crime Complaint Center report identifies phishing and spoofing as top complaint categories. It has become one of the most lucrative forms of online crime, with the crypto sector, characterized by public interactions and accessibility through DMs, remaining a prime target.
It’s not merely random scammers; even regulators have been impersonated. In January 2024, the US Securities and Exchange Commission’s official X account was compromised in a SIM-swap attack, briefly announcing a fake Bitcoin (BTC) exchange-traded fund approval that influenced markets before the post was rectified.
If an entire government agency can be imitated or violated, imagine the ease of faking a single journalist.
The impostor playbook
Here’s how these scams typically unfold, based on firsthand reports and platform data from this year:
“Let’s feature you — shall we move to Telegram?” It often starts with a courteous DM from a familiar name on X, followed by a request to shift the conversation to Telegram. The cloned handle there closely resembles the real one.
They request fees or “expedited coverage” — a classic indicator. Cointelegraph’s sponsored content is distinctly labeled and managed by a different commercial team. No reporter will ever ask you for money for a feature. If someone does, they’re a scammer or at best, a fake PR pitch masquerading as editorial.
They send a “quick Zoom” or “verification link.” Phishing emails and DMs frequently imitate staff names or spoof company domains to create urgency — messages like “just confirm these details” or “click here to schedule.” The FTC’s advice is straightforward: Don’t click anything you didn’t anticipate. Always verify the contact through a known channel.
Look-alike handles and sparse profiles are prevalent. On X, scammers often exploit slight misspellings, recent account creation dates, and recycled posts. Many even purchase Premium for the blue check. X’s policy technically forbids “misleading and deceptive identities,” but reporting and removal usually lag behind the scams.
They employ pressure and secrecy. You’ll encounter lines like “Keep this confidential” or “We need this completed within an hour.” Sometimes they request a crypto wallet address “for verification” or “reward distribution.” Those are red flags — clear indicators of social-engineering attacks recognized by cybersecurity agencies worldwide.
If any of this appears in your inbox or DMs, pause before responding. The next section guides you through a one-minute verification routine that can protect you and your project from falling victim to an impostor’s trap.
Did you know? Telegram launched @notoscam following a surge in impersonation scams, with fake accounts posing as trusted figures or media brands, prompting the need for users to have an official, easy reporting method.
Verify Cointelegraph in 60 seconds
Begin at the source: the author page. If someone claims to be a Cointelegraph writer or editor, check the website first. Each author has a profile listing their bylines and, where applicable, verified social links, such as the one for this article’s author (Bradley Peak).
Examine the email domain and contact channels. Genuine Cointelegraph emails always come from @cointelegraph.com. If you’re uncertain, utilize the addresses found on the About/Get in Touch page to verify the outreach before responding.
Sanity-check the X handle. Be watchful for subtle misspellings, recent creation dates, and minimal post history. Remember that on X, a blue check primarily indicates a paid Premium subscription — not the legacy “notable and authentic” verification. If you identify a suspected fake, report it using X’s impersonation form; you can even file it as a bystander without an account.
Be vigilant of the Telegram transition. Numerous impostors will attempt to shift you to Telegram using a nearly identical handle. If this occurs, verify in-app and report it via Telegram’s official @notoscam bot or the profile’s Report option.
When in doubt, channel through the official site. Avoid continuing in DMs. Use the contact addresses listed on Cointelegraph’s website so the appropriate team can confirm if the outreach is genuine.
Five quick ways to spot a fake account
1. The handle looks almost right — but not quite
Double letters, swapped characters, or an additional underscore can be easily overlooked at first glance. Scammers exploit this. Always verify the exact spelling before assuming a profile is legitimate.
2. The profile history doesn’t make sense
A recently created account with a limited number of posts, no genuine replies, and lots of recycled or copied content raises a red flag. Impostors often clone images or bios from legitimate profiles to appear established, but their posting patterns usually reveal inconsistencies.
3. They attempt to move the chat off-platform rapidly
An immediate invitation to Telegram or WhatsApp is one of the oldest tricks in the book. If someone pushes for switching platforms, halt and verify who you’re conversing with. Telegram even has an official @notoscam bot for reporting this exact type of fraud.
4. They mention money or “expedited coverage”
No Cointelegraph reporter will ever request crypto payments or “coverage fees.” Editorial work and sponsored partnerships are managed separately through official channels and are clearly labeled. If someone discusses payment in a DM, it’s a scam.
5. The email or link feels off
Be cautious of near-miss domains or messages urging immediate clicks. Authentic staff members do not rush communication. If something seems urgent or odd, confirm it using the contact information provided directly on Cointelegraph’s website.
Cointelegraph’s commitment to readers
At Cointelegraph, editorial independence is non-negotiable. Reporters and editors do not handle sponsorships or paid placements, and all commercial content is distinctly labeled and kept separate from the newsroom. Readers can always differentiate between editorial coverage and sponsored material.
Verification is straightforward: Every team member has an author page on cointelegraph.com featuring bylines and validated social links whenever relevant. If you receive outreach claiming to be from one of the writers, check that page first or reach out through the addresses listed in the About section of the website.
Cointelegraph is also updating its author bios to include official LinkedIn and X handles, enabling readers and partners to verify identities instantly.
In an industry inundated with impostors, these simple verification steps contribute to transparent, credible, and safe communication for everyone.
