Common scams

Fake Tokens

Transactions with Misleading Comments

Scams Involving '.ton' or '.t.me' domains

Scams Involving Testnet Wallets

Fake Accounts Posing as Tonkeeper Support

Fake Tokens

In the TON blockchain, absolutely anyone can create their own token — and unfortunately, this feature is often abused.

For example, scammers may create counterfeit versions of popular tokens like TON, USDT, NOT, and many others to use in various types of fraud.

💡 How can you tell a fake token from a real one?

  1. Original tokens never have the 'Unverified token' label. So if you see this label next to TON, USDT, NOT, or other well-known tokens — you’ve received a fake version.
  2. Genuine tokens typically don’t have extra symbols in their name (ticker), such a $ or others.
  3. Always double-check token details in a blockchain explorer such as Tonviewer. Pay attention to the number of holders, the name, and the token value.

Additionally: if you see a SCAM or FAKE label next to a token — it means we have already identified it as fraudulent and marked it accordingly. In that case, there should be no doubt that the tokens were sent by a scammer.

An example of a fake token in Tonviewer

💡 How to protect yourself from receiving fake tokens?

Here are a few important rules to follow:

  1. Never agree to "token exchange" deals with strangers on Telegram.

Scammers often promise attractive deals — like no-fee exchanges or instant transfers to your wallet or bank card. No matter how tempting it sounds, don’t trust these offers. You may receive fake tokens instead. Use only trusted platforms to buy, sell, or swap cryptocurrency.

  1. Never agree to sell your Telegram gift, username, or anonymous number to unknown users.

Scammers may send you fake tokens as "payment". Before transferring your NFT to a buyer, always check the token you received and verify it using a blockchain explorer.

Remember: blockchain transactions are irreversible, so once you send an asset, you won’t be able to cancel the transaction or get your funds back.

Transactions with Misleading Comments

In the TON blockchain, users can attach comments to transactions. Unfortunately, scammers are exploiting this feature to trick unsuspecting users. Below are the most common types of scams you should watch out for:

  1. Fake warnings about wallet suspension or balance freezing.

Scammers might send a small amount of TON with a message like: "Your wallet has been suspended. Verify your identity to restore access". This is a scam.

Tonkeeper is a non-custodial wallet, meaning only you control your funds — not us or anyone else. No one can freeze your wallet, block your balance, or impose restrictions. If you receive a transaction with such a comment, ignore it.

These scams often include phishing links or ask you to send crypto in response. Never click suspicious links or transfer funds to unknown addresses.

  1. Claims of AML or Anti-Fraud violations.

Scammers may pretend your wallet has triggered anti-money laundering (AML) or anti-fraud alerts. They will claim that you need to verify your wallet or send a small amount of crypto to "lift the restriction".

This is another red flag. AML and anti-fraud checks apply only to centralized platforms like exchanges. Tonkeeper does not monitor transactions or enforce such policies. Any message suggesting otherwise is purely fraudulent.

  1. Fake exchange refund messages.

Many centralized exchanges require users to include a unique deposit tag. If the tag is missing or incorrect, the funds won’t be credited to your account.

Scammers take advantage of this by monitoring exchange addresses and targeting users who made deposits without a tag. They send a tiny transaction with a message like:

They often register a fake domain that mimics the exchange’s name, claim to be from the support team, and ask you to contact them via a phone number or Telegram.

Their goal is to gain access to your wallet. They may ask for your seed phrase (24 secret words) under the pretense of helping you recover funds.

Once they have your phrase, they contact the real exchange to request a refund — and as soon as the funds arrive in your wallet, they immediately withdraw everything, since they now control your wallet.

Never trust transactions with comments like these, and please remember:

  • Real support staff will never ask you to contact them via unknown phone numbers.
  • No support agent will ever ask for your wallet’s seed phrase or personal info.
  • Official support contacts are only listed on the exchange’s official website or app.

Scams Involving .ton or .t.me Domains

A domain is a short name that anyone can link to a TON wallet and use instead of a long wallet address when receiving cryptocurrency. Domains ending in '.ton' can be created through TON DNS, and 't.me' domains are available via Fragment.

Because domain names in the TON blockchain aren’t moderated, scammers often take advantage of this and register misleading or deceptive names. Below are some of the most common scam tactics:

  1. Domains Impersonating Tonkeeper.

Scammers may send spam transactions from domain names like "tonkeeper_airdrop.ton", "tonkeeper_verification.ton", or "tonkeeper_bonus.ton". These transactions typically include a misleading comment, such as an airdrop invitation or a request to "verify your wallet" via a link.

If you receive anything like this, please do not trust it. Tonkeeper does not run airdrops, ask for wallet verification, or send out announcements via random transactions.

  1. Domains Imitating Exchanges Names.

This is a more complex scam that often begins with someone reaching out to you on Telegram, pretending to be a trader or mentor. They might walk you through sending USDT to a wallet with a domain like "bybit_usdt.ton", claiming it’s an exchange deposit address.

To make it look legitimate, they’ll send your funds back—sometimes with a small profit—encouraging you to trust them. You are encouraged to repeat the process, eventually sending a larger amount—after which the scammer disappears and blocks you.

This has nothing to do with real trading or investment—it’s just a trick to get you to send crypto to a scammer. Always use official exchange platforms and only send funds to deposit addresses generated directly on the exchange’s website. Never share login details or wallet credentials.

Remember: TON domain addresses are not exchange accounts. Always generate deposit addresses directly on the official exchange website.

  1. Domains Imitating Other Blockchain Addresses.

Tonkeeper currently supports only two networks: TON and TRON (for USDT (TRC20) only). You cannot send tokens to addresses from other blockchains (e.g., Bitcoin or Ethereum) via Tonkeeper.

However, scammers might try to convince you otherwise by disguising other blockchain addresses as TON domains. For instance, they might show a BTC-style address like "bc1prw2ls7qkr3kenm6js7a7kjdu09amflqxvryd.ton"—but in reality, it’s just a TON wallet with a misleading domain.

This trick can appear in various forms, including promises to "wrap" your crypto for cross-chain transfers. Remember: Tonkeeper does not support cross-chain transactions. If you're sending funds to a .ton or .t.me domain, the transaction is happening only on the TON blockchain.

  1. Domain Mismatch Scam.

In addition to being convenient, TON domains have one key feature: the domain owner can link it to any wallet address. This means that the same wallet can be associated with multiple domains—even if they belong to different owners.

💡 How can scammers exploit this?

For example, a scammer creates two domains: 'user_1.ton' and 'user_2.ton'.

The first domain is owned by wallet UQ1, and the second one is owned by wallet UQ2. However, since a domain can be linked to any wallet, the scammer links 'user_2.ton' to UQ1 instead of UQ2. As a result, both domains now direct funds to wallet UQ1.

💡 What’s the scam?

When you make a transaction, the main domain of the wallet owner (if they have one) is displayed in the transaction details—not necessarily the one you entered.

So, let’s say someone asks you to send TON to 'user_2.ton', which, as explained, is linked to UQ1. After you confirm the transaction, you notice that the history shows the recipient as 'user_1.ton'.

That’s because 'user_1.ton' is the primary domain for wallet UQ1.

Technically, the funds were sent to the correct address—but the scammer draws your attention to this “discrepancy” to confuse you or make it seem like the transaction was redirected or tampered with.

They may then pressure you to send the funds again, claiming the first transfer went to the wrong place.

💡 How to protect yourself

  • Always check not just the domain, but the wallet address before confirming any transaction.
  • Use the TON blockchain explorer (like Tonviewer) to verify that both domains point to the same wallet.

Scams Involving Testnet Wallets

The TON blockchain has two environments: the mainnet (main network) and the testnet (test network). The testnet is used by developers to test features and smart contracts before launching them on the mainnet. For example, an NFT creator might test the minting process on testnet before releasing a collection publicly.

Tonkeeper allows users to add testnet wallets, and scammers may exploit this feature to deceive inexperienced users. They might offer you testnet TON as a "payment" or "reward" for a task, or ask you to add a testnet wallet for some made-up reason.

It's important to understand: testnet coins are not real. They have no value, cannot be sold, and are only intended for development and testing. Any offer involving testnet tokens as real payment is a scam.

Fake Accounts Posing as Tonkeeper Support

Scammers may reach out to you on Telegram pretending to be Tonkeeper staff, channel admins, or community moderators.

Please remember: No one from the Tonkeeper team will ever contact you first, ask for your secret recovery phrase (24 words), request any personal information, or send suspicious links or payment requests. The only official ways to contact Tonkeeper support are:

  • The Telegram bot: @tonkeeper
  • Email: support@tonkeeper.com

💡 What should I do if someone contacts me claiming to be from Tonkeeper?

  • Report the account directly to our support team.
  • Use the Telegram’s "Report" feature to flag the scammer.

Helpful Tips to Stay Safe

  • Never click on unknown links or connect your wallet to untrusted websites or Telegram mini-apps.
  • Always research a service before interacting with it or sharing any information.
  • Pay close attention to transaction details. Before signing any transaction, double-check the amount and ensure you're not unknowingly sending your entire balance to a scammer.
  • Blockchain transactions are irreversible. If you lose funds, there's no way to get them back.
  • The Tonkeeper team will never ask you to send crypto or share any personal information — including your secret recovery phrase.
  • Tonkeeper does not conduct airdrops. If we ever run a marketing campaign, it will be officially announced in our news channel.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.