Indian authorities warn of Trust Wallet scams using fake verification links. Here is how the scheme works and how to stay safe.
India’s cybercrime watchdog has raised fresh alarms over scams hitting Trust Wallet users across the country.
The Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs, published an advisory this week. Analysts detected a sharp rise in complaints on the National Cyber Crime Reporting Portal.
The scam follows a fixed pattern, moving fast and leaving victims with little recourse.
Related reading:
How Scammers Target Trust Wallet Users on P2P Platforms
Attackers begin by contacting victims on peer-to-peer trading platforms such as Binance.
They pose as fellow traders or support agents. Soon after, they push the conversation to WhatsApp or Telegram. This move helps them avoid platform-level monitoring and detection.
Once off the trading platform, scammers introduce a fake requirement. They tell victims that a “crypto asset verification” step must be completed before any transaction can proceed.
This urgency-driven tactic pressures users into acting quickly. Most victims comply without questioning the process.
The I4C advisory notes this scripted approach makes the scam difficult to spot early. By the time a victim realizes something is wrong, the damage is already done.
🚨Indian cyber crime department warns of rising crypto scams targeting Trust Wallet users, where fake “verification” links are used to drain wallets.
Scammers first contact victims on P2P platforms (like Binance), then shift chats to WhatsApp/Telegram.
They send a fake “wallet… pic.twitter.com/lWLmIg6CCY
— Crypto India (@CryptooIndia) April 28, 2026
Fake Verification Links Hand Attackers Full Wallet Access
After building trust, scammers send victims a link to a counterfeit website. These sites are designed to look like legitimate blockchain verification services.
Victims are instructed to connect their Trust Wallet to the site. Most do not realize what they are actually approving.
Connecting the wallet triggers a hidden smart contract permission. This grants attackers unrestricted programmatic access to the wallet’s contents. According to the I4C advisory, wallet drainer scripts then move funds automatically.
No further interaction from the victim is needed.
The process is near-instantaneous. Because blockchain transactions occur on decentralized public networks, there is no central authority to reverse the transfer.
Once funds move, they are gone for good.
🚨 Indian govt just warned Trust Wallet users are being targeted.
Scammers are hitting Trust Wallet users in India with a coordinated attack.
The pattern is identical every time:
— Binance DM
— Moved to WhatsApp/Telegram
— Fake verification link
— Funds goneIf you got a… pic.twitter.com/PbUU0v34Rw
— Master of Crypto (@MasterCryptoHq) April 28, 2026
What the Indian Government Wants Crypto Users to Do Now
The I4C advisory urges users to never connect their wallets to unknown or unsolicited links.
Approving random smart contract access should also be avoided at all times. If a suspicious message has already been received, authorities recommend deleting it immediately.
Besides, users who may have clicked such links should revoke any active dApp connections through their wallet settings right away. Reporting incidents to cybercrime.gov.in is also strongly encouraged by the advisory.
The I4C warning serves as a reminder that the threat does not rely on hacking. It exploits user trust and the mechanics of smart contract approvals. Hence, awareness remains the strongest line of defense.
