FBI Warns of Fake Token Scams Targeting Tron Users
FBI New York warns Tron users about fake tokens and phishing scams. Crypto fraud losses hit $9.3 billion as attackers use social engineering and GitHub.
This scheme is part of a broader wave of targeted attacks in the crypto sector that combine social engineering and on-chain tools to extract sensitive information.
Fake “Investigations” as a Pressure Tool
According to a warning from FBI New York, Tron users have received messages via a token bearing the agency’s name and branding, claiming their wallets are under investigation. The messages include a call for immediate action—a hallmark of phishing attacks—directing users to websites for alleged anti-money laundering verification.
FBI New York encourages users of the Tron blockchain network to exercise caution if they encounter a token purported to be from the FBI. If you receive a token from an account with the details below, do not provide any identifying information to any website associated with such… pic.twitter.com/VF03sjM4VW
— FBI New York (@NewYorkFBI) March 19, 2026
The goal is to extract personal data and gain access to assets, with pressure intensified through threats of freezing funds. The Federal Bureau urges users not to provide any information and to report suspected fraud, emphasizing that such messages are not part of legitimate investigations.
Phishing Attacks Become More Precise
In a parallel development, the cybersecurity firm OX Security identified a large-scale campaign targeting developers working with the open-source AI project OpenClaw. Unlike traditional mass scams, this attack uses a selective approach; attackers gather data via the GitHub API to identify active developers who have interacted with the project.
The attack leverages GitHub’s legitimate infrastructure. Using fake accounts, scammers create discussions and tag specific users, which generates authentic email notifications from the platform’s official domain. This allows the messages to bypass standard spam filters and significantly increases the likelihood of success.
The bait includes a promised airdrop worth up to $5,000, directing users to cloned websites that mimic the official platform. Once a wallet is connected, malware triggers a drainer process that also deletes local data to hinder any subsequent investigation.
A New Phase of Crypto Fraud
The combination of social engineering, on-chain messaging, and the exploitation of legitimate tech platforms demonstrates an evolution in cybercriminal methods. FBI data indicates that in 2024, crypto scams resulted in losses exceeding $9.3 billion, highlighting the scale of the issue.
These recent attacks signal a transition toward more intelligent and targeted schemes where trust in institutions and platforms is the primary tool for manipulation. For investors and users, basic security measures are no longer enough; attention to detail and verifying information sources have become critical for asset protection.
For information on choosing a crypto wallet, see the review of the best crypto wallets for 2026. The guide covers both hardware and software solutions tailored to different needs.

Fill in necessary fields and publish