How do scammers use my account for crypto giveaways?
By Bridget · Updated May 2026 · Reviewed by Locket Security Team
★ the short answer
Scammers hijack creator accounts — usually via session-token theft from a fake sponsorship file — then rebrand them to impersonate a crypto figure and run a fake “send 1 ETH, get 2 back” giveaway or livestream to your audience. Recover by restoring the underlying account, reporting the hijack to the platform, and adding a passkey to block re-entry.
How does the crypto-giveaway hijack happen?
An attacker steals your session — often through malware in a fake brand deal — and logs in without your password. They rename the channel or account, post a crypto figure's branding, and stream a looping “giveaway” that tells viewers to send crypto to “double” it. Your audience's trust in you is the bait.
How do I recover an account used for a crypto scam?
Recover the underlying account (your Google account for YouTube, the login for Instagram), sign out all sessions, and reset the password. Then report it to the platform as a compromised account used for a scam — YouTube and Meta routinely restore the original branding and remove the fraudulent content.
How do I prevent this from happening?
Never open unexpected files from “sponsors,” add a passkey or hardware security key so stolen cookies are useless, sign out idle sessions periodically, and keep your devices patched and scanned for infostealer malware. These steps target the session-token theft that powers almost every crypto hijack.
Frequently asked
- Crypto transactions usually can't be reversed, which is why warning your audience fast matters most. Report the scam wallet to the platform and exchanges, and post a clear notice so no one else sends funds.
Want a human in your corner?
Locket Security helps creators recover, lock down, and protect every account they monetize — without the enterprise jargon.
See how Locket helps ★Keep reading
How do I recover a hacked YouTube channel?
YouTube channels live inside your Google account — here's how to recover both, report a hijack, and undo crypto-livestream takeovers creators are targeted with.
What is session-token theft and how do I stop it?
The scary part of modern creator hacks: attackers don't need your password or 2FA. They steal your session cookie. Here's how that works and how to stop it.
How do I spot a fake brand-deal email?
Fake sponsorship offers are the leading way creators get hacked — often through a “media kit” or “contract” file that's actually malware. Here's how to spot them.