Social engineering is the use of deception and psychological manipulation to make someone reveal sensitive information or take an action they otherwise would not. In cryptocurrency, it is often called “human hacking” because attackers target people rather than breaking cryptography or smart contracts.
How social engineering works in crypto
Crypto systems rely heavily on user-controlled credentials, such as seed phrases, private keys, and two-factor authentication codes. Social engineering attacks exploit urgency, authority, fear, or excitement to bypass a person’s skepticism. Common scenarios include someone impersonating a wallet provider’s support agent, a popular influencer, or an exchange employee and then requesting a seed phrase “to verify your account.” In reality, no legitimate service ever needs your seed phrase, because it is the master key that can recreate and drain your wallet.
Attackers also manipulate users into signing transactions they do not understand. For example, a fake “airdrop claim” site may prompt a wallet signature that actually grants a malicious contract permission to spend tokens, or it may route the user into approving a transaction that sends funds to the attacker. These scams can be delivered through email, DMs, phone calls, fake websites, or even compromised social media accounts.
Common tactics and real-world examples
Phishing is one of the most frequent forms, using lookalike domains and convincing messages to capture logins or seed phrases. Pretexting involves a believable story, such as “security verification” or “recovering stuck funds,” to keep the victim cooperating. SIM swap attacks combine social engineering with telecom account takeover, letting criminals intercept SMS-based codes to access exchange accounts.
Why it matters
Social engineering remains one of the biggest sources of crypto losses because blockchain transactions are hard to reverse and self-custody shifts security responsibility to the user. Understanding these tactics helps users protect keys, verify requests, and reduce the chance that trust becomes the weakest link in the crypto ecosystem.