Xaman Wallet founder Wietse Wind has warned of a large scale scam campaign targeting XRPL users, citing fake transaction requests, phishing emails, impersonation accounts, and fraudulent apps.
Wind said attackers are attempting to trick users into signing malicious transactions through scam NFTs, fake desktop wallet software, and direct messages posing as support. He emphasized that the attacks rely on social engineering rather than flaws in the XRPL code. Users were urged not to click unknown links, respond to unsolicited messages, or share secret keys.
He also noted that phishing emails are being circulated despite Xaman not storing user email data, suggesting criminals are using information from unrelated data breaches. Some scams promote fake desktop versions of the wallet or offer free tokens in exchange for private keys.
Wind stressed that funds remain safe as long as users avoid approving suspicious transactions or revealing sensitive information.
The warning comes amid a broader rise in crypto related scams. A recent PeckShield report found that hacks and scams led to more than 4.04 billion dollars in losses in 2025, with scams alone accounting for 1.37 billion dollars, up 64 percent from the previous year. The report added that attackers are increasingly focusing on targeted phishing campaigns and that centralized platforms made up about 75 percent of stolen funds.
In January 2026, blockchain investigator ZachXBT disclosed a case in which a victim lost roughly 282 million dollars in Bitcoin and Litecoin through a hardware wallet scam, with the stolen funds later routed through THORChain and converted into Monero.
Wind described the situation as an ongoing battle between users and scammers, stressing that wallet security ultimately depends on individual caution.
