Scammers have created 54,000 fake stablecoins to trick crypto users

As stablecoins gain wider adoption across major payment firms and fintechs, scammers are creating fake tokens to trick unsuspecting users.
Since the GENIUS Act became law in July 2025, blockchain security firm Blockaid has found over 54,000 fake stablecoins out of more than 17 million tokens created during that time. Most of these, about 34,000, tried to copy the most popular stablecoin, Tether (USDT), while around 12,000 targeted the second-largest, USD Coin (USDC).
Criminals distribute fake tokens hoping that potential victims will overlook subtle discrepancies in token symbols. They also use Cyrillic or other Unicode characters in URLs to trick people into thinking a website is legitimate.
"A URL reading 'usdc.com' might actually use a Cyrillic 'c' that directs to an attacker-controlled site," Blockaid explained.
The criminals are also sending small amounts of fake tokens to people's wallets, which might be an attempt to trigger malicious approvals.
Moreover, on some networks, such as Hedera and Solana, attackers exploit the metadata field to insert fake token symbols or malicious contract addresses, hoping victims will copy-paste addresses from their transaction history and send funds to criminals. This technique is known as address poisoning.
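The lookalike-character trick described above for URLs and token symbols can be checked mechanically before a name is shown to a user. The following is an added example, not code from Blockaid or Cybernews; the function names, the small lookalike table and the brand list (taken from names in the article) are assumptions made for illustration.

```python
import unicodedata

# Constructed subset of Cyrillic lookalikes; the full Unicode confusables
# table (UTS #39) is far larger. Brand names are taken from the article.
CONFUSABLES = {
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0445": "x", "\u0443": "y", "\u0455": "s", "\u0456": "i",
    "\u0421": "C", "\u0422": "T", "\u0405": "S",
}
KNOWN_BRANDS = {"usdt", "usdc", "tether"}


def script_of(ch):
    """Rough script label: the first word of the Unicode character name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def decode_label(label):
    """Turn a punycode ('xn--') hostname label back into its Unicode form."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label
    return label


def skeleton(text):
    """Fold known lookalikes to ASCII so a spoofed and a real name compare equal."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in text).lower()


def inspect_name(name):
    """Return (finding, detail, non-ASCII characters) tuples for a hostname or symbol."""
    findings = []
    for raw in name.split("."):
        label = decode_label(raw)
        scripts = {script_of(c) for c in label} - {"COMMON"}
        odd = [f"U+{ord(c):04X} {unicodedata.name(c, '?')}" for c in label if not c.isascii()]
        if len(scripts) > 1:
            findings.append(("mixed-script", label, odd))
        folded = skeleton(label)
        if folded in KNOWN_BRANDS and label.lower() != folded:
            findings.append(("impersonates", folded, odd))
    return findings
```

Calling `inspect_name("usd\u0441.com")` reports both a mixed-script label and an impersonation of `usdc`, while the all-ASCII `usdc.com` returns no findings.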
Threat actors are using malicious app templates, impersonating legitimate brands, and distributing them via social media networks, messaging apps, emails, and even fake YouTube tutorials or AI-generated celebrity endorsements, the researchers have found.
Once a potential victim lands in the phishing net, criminals try to trick them into entering their crypto recovery phrase, which gives the attackers access to the wallet. Fake apps also trigger a wallet connection request followed by a transaction signature prompt, which helps criminals steal crypto assets.
"New institutional stablecoins (PYUSD, RLUSD, USDG) will become prime targets as they gain market share. Attackers follow liquidity, so expect impersonation attacks to track adoption curves closely," Blockaid concluded, warning that impersonators will increasingly target emerging blockchains with less mature security infrastructure and resort to phishing campaigns disguised as official compliance requirements.