Blockchain investigator ZachXBT warned investors on Telegram about the critical checks necessary to avoid falling prey to fraudulent projects. At the same time, Coinbase users reportedly lost over $46 million to phishing scams. In this article, we’ll explore ZachXBT’s two crucial checks, review real-world phishing incidents, and offer practical security tips to help you stay one step ahead of scammers.
ZachXBT’s Two Critical Checks - A Warning from the Frontlines
ZachXBT, a well-known figure in blockchain investigation, recently shared two “minimum checks” designed to help investors steer clear of crypto scams. His first piece of advice focuses on newly launched DeFi protocols on forked EVM chains. Many of these protocols are clones of proven models, created by forking established code bases. While this method requires minimal technical know-how, it also introduces significant security risks. A notorious case in point is the DeFi protocol SIR.trading, which suffered a hack resulting in approximately $350,000 in losses, despite being marketed as a “new protocol for safer leveraged trading.”
Synthetics Implemented Right @leveragesir has been hacked for $355k
— Decurity (@DecurityHQ) March 30, 2025
This is a clever attack. In the vulnerable contract Vault (https://t.co/RycDbFY5Xq) there is a uniswapV3SwapCallback function that uses transient storage to verify the caller. Specifically, it loads an address… pic.twitter.com/u6PhksPV31
Another high-profile incident involved Abracadabra, the DeFi lending platform, where an exploit involving collateralized tokens led to a staggering $13 million loss.
🚨 $13M DeFi Exploit Just Hit Abracadabra x GMX Integration
— Three Sigma (@threesigmaxyz) March 25, 2025
Attacker used 1 ETH to drain $12.9M via GmxV2CauldronV4.
This isn’t just another bug. It’s a blueprint for future exploits. 🧵👇 pic.twitter.com/x6cJmr2EoO
The second check revolves around scrutinizing project credibility on platforms like Kaito, an AI-powered tool that analyzes genuine community engagement. According to ZachXBT, investors should be wary of projects with few “smart” followers. As Investor Xero put it, “Kaito has become an amazing security and reputation tool that I value over others. If a 40k+ follower project isn’t connecting with real smart followers, it’s not legit.” ZachXBT bluntly warns, “If you make either of these decisions, it is your own personal choice to risk funds, and I will NOT help you.” This no-nonsense advice highlights that protecting your investment starts with the basics: thorough research and verifying real community support.
Zachxbt checks your Kaito smart followers
— xero 🎮 (@xerocooleth) March 30, 2025
Kaito has become an amazing security and reputation tool that I value over others.
It can help you identify an impersonator or new rug project fast.
If a 40k + follower project isn’t connecting with real smart followers it’s not legit. pic.twitter.com/icRpWuzKTD
Real-World Lessons from the Coinbase Phishing Scams
The importance of due diligence is underscored by recent phishing scams targeting Coinbase users. Over the past two weeks, scammers have allegedly swiped more than $46 million through tactics like address poisoning and wallet spoofing. A screenshot from blockchain explorer Blockchair revealed a suspected theft of around 400 BTC—roughly $34.9 million in a single incident. These scams work by tricking users into sending their assets to fraudulent wallet addresses, cleverly designed to resemble those of legitimate platforms.
Jaclyn Sales, Director of Communications at Coinbase, stressed the importance of caution: “Coinbase will never call you or ask for your login credentials, API key or two-factor authentication codes. If someone contacts you claiming to be from Coinbase and requests this information or asks you to transfer assets, do not do it.” Such guidance is imperative as scammers continually hone their tactics to impersonate major brands and fool even seasoned investors.
Emerging Scam Tactics and Additional Red Flags
Beyond phishing scams, the crypto industry has seen a variety of other fraud tactics. Scammers now exploit features like automated browser downloads to sneak in malicious software.
new type of scam.
— Jerome (@criptic_jerome) March 30, 2025
don’t click on tokens web with cloudflare. Instead of confirming, you are agreeing to download file.
don’t be drained
Disable auto google chrome download, will save many wallets believe me pic.twitter.com/3t22QaHWJB
Some schemes involve sending minuscule transactions—often as little as 0.001 tokens—from wallet addresses that mimic legitimate ones. The goal is simple: to deceive users into copying fraudulent addresses when transferring funds.
According to a Chainalysis report, from 2021 to 2024, decentralized finance (DeFi) platforms have been the primary targets of crypto hacks.

Moreover, Microsoft recently flagged StilachiRAT, a new remote access trojan geared toward stealing cryptocurrency wallets and login credentials. And let’s not forget pig butchering scams, which in 2024 cost the industry over $5.5 billion across 200,000 reported cases on the Ethereum network. For anyone venturing into DeFi, these red flags underscore the vast risks posed by rapid development that often neglects essential security measures.
Practical Tips to Stay Protected
So, how can you fortify yourself against these threats? Here are some practical tips:
• Always verify project credibility using tools like Kaito; if a project’s community seems inflated with fake followers, steer clear.
• Avoid depositing funds into newly launched or forked DeFi protocols until a thorough audit proves their security.
• Enable two-factor authentication (2FA) and use a dedicated email account for your crypto transactions.
• Regularly update your wallet software and maintain an address allowlist to ensure you’re not redirected to fraudulent addresses.
• Be cautious with unsolicited communications asking for your personal credentials or urging you to transfer assets.
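The dust-transfer scheme described above and the address-allowlist tip can be combined into one check, shown here as an added example that is not from the article or any wallet vendor. All addresses are constructed, and the 4-character prefix/suffix window is an assumption about how wallet interfaces truncate addresses.

```python
from decimal import Decimal

# Constructed sample data: none of these addresses come from the article.
ALLOWLIST = {
    "exchange-deposit": "0x3f9a00112233445566778899aabbccddeeffc41d",
}
PREFIX, SUFFIX = 4, 4      # assumed: hex chars a truncated wallet view shows
DUST = Decimal("0.001")    # the article's "as little as 0.001 tokens"

def norm(addr):
    """Lower-case and drop 0x so comparisons ignore checksum casing."""
    a = addr.strip().lower()
    return a[2:] if a.startswith("0x") else a

def classify(addr, allowlist=ALLOWLIST):
    """Return (verdict, label): 'allowlisted', 'lookalike' or 'unknown'."""
    a = norm(addr)
    # Exact matches win before any lookalike comparison is made.
    for label, good in allowlist.items():
        if a == norm(good):
            return ("allowlisted", label)
    # Same visible head and tail but a different body imitates a trusted address.
    for label, good in allowlist.items():
        g = norm(good)
        if a[:PREFIX] == g[:PREFIX] and a[-SUFFIX:] == g[-SUFFIX:]:
            return ("lookalike", label)
    return ("unknown", None)

def poisoning_candidates(transfers, allowlist=ALLOWLIST):
    """Inbound dust transfers whose sender imitates an allowlisted address."""
    hits = []
    for t in transfers:
        verdict, label = classify(t["from"], allowlist)
        if verdict == "lookalike" and Decimal(t["amount"]) <= DUST:
            hits.append((t["from"], label))
    return hits

# Constructed history: a genuine transfer, dust from a lookalike, unrelated dust.
HISTORY = [
    {"from": "0x3F9A00112233445566778899AABBCCDDEEFFC41D", "amount": "1.5"},
    {"from": "0x3f9affeeddccbbaa99887766554433221100c41d", "amount": "0.001"},
    {"from": "0x7b2e00112233445566778899aabbccddeeff90aa", "amount": "0.001"},
]

if __name__ == "__main__":
    for sender, label in poisoning_candidates(HISTORY):
        print(f"do not copy {sender}: imitates allowlisted '{label}'")
```

Running `classify` on a destination before sending catches the case where an address was copied from transaction history instead of from the allowlist.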
FAQs
What is address poisoning in crypto scams?
- Address poisoning refers to scams where fraudsters subtly alter wallet addresses so that users accidentally send funds to the wrong account.
How can tools like Kaito help assess project credibility?
- Kaito uses AI to evaluate both the number and quality of followers, helping to discern genuine community interest from fake engagement.
What should I do if I suspect a phishing scam?
- Immediately report the incident to your crypto exchange and update all security settings on your wallet accounts. Avoid clicking on links from unverified sources.
Concluding Thoughts
Investors can reduce their risk of falling victim to scams by following ZachXBT’s critical checks and adhering to robust security measures. Meanwhile, incidents like the recent $46 million phishing scam on Coinbase serve as a stark reminder of the importance of due diligence. Stay informed, stay secure, and always verify before you trust.
