A Fake Client, a “Cash-Out Check,” and the Wallet-Drain Scam Pattern I Keep Seeing

Another week, another scam attempt—this time packaged as a “client inquiry” and a so‑called crypto check for cash-out.

The script is becoming painfully familiar in Web3 services: a convincing conversation, a project that sounds plausible, and then a subtle (but persistent) attempt to get you to connect your wallet somewhere you shouldn’t.

The setup: a client that doesn’t exist

It started like a normal inbound lead:

• “The client” came with a project brief. Later it became clear the project wasn’t real.
• We discussed details; they said they were ready to pay a third of the budget upfront.
• I sent a wallet address to receive the payment.

So far, nothing unusual. Then the classic turn.

The hook: “Binance won’t let me pay you because of AML”

They sent a screenshot allegedly from Binance and claimed they couldn’t transfer funds because my address didn’t pass an AML check—supposedly it was “blacklisted,” and Binance was blocking the transaction.

This is a common social engineering tactic: introduce a scary compliance reason (AML, blacklist, frozen funds) to create urgency and make you doubt your own setup.

The real goal: get you to connect your wallet to a fake service

Next, they dropped a link to a third‑party website where I could supposedly “cash out a crypto check” by simply connecting my wallet.

The site looked decent at first glance—clean layout, acceptable design. But it had that unmistakable feel of something built quickly, “good enough” to pass a surface-level inspection.

The core mechanic is simple and brutal:

1. You connect your wallet.
2. You’re prompted to sign a transaction (or an approval).
3. Your assets are drained.

To apply pressure, they kept pushing variations of the same lines:

• “Why doesn’t Binance work? Help me solve it.”
• “Why can’t you just cash out the check?”
• “The money is right there—just accept it!”

My quick test that confirmed the scam

I generated a brand‑new clean address right before sending it—no history, no activity. They claimed Binance couldn’t send to that one either.

At that point, it was obvious: the “AML issue” was just theater. The only objective was to funnel me into their fake cash‑out flow and make me connect a wallet to an untrusted website.

Unfortunately, I can’t attach screenshots—after the conversation, they wiped the entire chat history.

Takeaways: how to protect yourself

• Never connect your wallet to unknown sites, even if the UI looks professional.
• Never sign transactions under pressure or “to receive money.” If you’re signing, you might be approving access.
• Be skeptical of AML/blacklist claims used as leverage to move you to a “special” third‑party tool.
• Prefer direct transfers to addresses you control, and verify everything out-of-band when something feels off.

Web3 is full of real opportunity—but it’s also full of people trying to exploit trust, urgency, and incomplete understanding of wallet permissions. Stay sharp.