Headline: XRP users hit by surge in giveaway scams — one victim loses 6,000 XRP as warnings pile up
A reported victim lost 6,000 XRP after responding to a “double your funds” promise, part of a broader escalation in scams aimed at XRP Ledger (XRPL) users. The spike in fraudulent airdrops and fake giveaways prompted a public alert from David Schwartz — Ripple’s former CTO and long-time XRPL voice — who warned that almost all such offers circulating on social platforms are malicious.
What triggered the warnings
- On May 14, 2026, David “JoelKatz” Schwartz posted on X that scam activity targeting XRPL users has surged, and cautioned that anyone claiming to be him on Instagram, Telegram, or similar channels is almost certainly a scammer.
- XRPL explorer Bithomp earlier flagged a specific attack vector: scammers send unsolicited NFTs to wallets with misleading memos such as “Verification: Safe XRPL verify message,” and attach hidden Buy Offers. If a user signs or accepts the offer, the wallet can be drained immediately.
- Wietse Wind of the Xaman wallet team echoed the alarm, urging users to cancel any unknown offers without delay.
How the scams work
- Impersonation: Scammers create convincing fake profiles impersonating high-profile XRPL figures (Schwartz, Ripple CEO Brad Garlinghouse) and projects, then promote “airdrops” or rewards.
- Malicious NFTs + Buy Offers: An unsolicited NFT appears to be a harmless verification or claim. Behind the scenes a Buy Offer is attached; signing or accepting it can trigger an immediate asset drain.
- Phishing sites: Fraudulent websites lure users to connect wallets and approve transactions to “claim rewards.” Once access is granted, funds are swept.
- Classic advance-fee fraud: Some operations still ask victims to send XRP first with the promise of receiving more back.
Important clarifications
- These attacks exploit user trust and social engineering, not a vulnerability in the XRPL protocol itself.
- Schwartz emphasized that legitimate organizations do not run surprise giveaways, and no authentic service will ask you to send funds, reveal seed phrases, or share private keys. His verified X account is the only reliable source for his communications.
Practical steps to protect yourself
- Never click unknown links or connect your wallet to an unverified website.
- Never share private keys, seed phrases, or approve transactions you don’t fully understand.
- Check transaction types and memos carefully before signing anything.
- Use tools from Bithomp and Xaman to review and cancel suspicious or pending offers immediately.
- Report impersonating accounts and suspicious posts to the platform hosting them.
Act quickly but be realistic
- Prompt action after a scam may limit losses, but full recovery of drained funds is rarely possible. Staying vigilant and skeptical of unsolicited offers remains the best defense.
Stay tuned to verified channels and community tools for updates — and always assume surprise airdrops and “too good to be true” giveaways are scams.
Read more AI-generated news on: undefined/news
