• Revoke token approvals — use revoke.cash to remove access granted to malicious smart contracts
• Move remaining funds to a brand-new wallet. The compromised wallet is no longer safe
• Change all passwords — email, exchange accounts, anything that shares the same password
• Enable 2FA using an authenticator app (not SMS). Disable SMS-based recovery
• Freeze cards if you entered banking details on the phishing site

According to the FBI, the most important details are transaction data:

• Cryptocurrency addresses — scammer's wallet (e.g., 0x5856...35985)
• Amount & crypto type — exact amount (e.g., 1.02345 ETH, 0.5 BTC, 500 USDT)
• Transaction ID (hash) — the unique blockchain transaction identifier
• Exact dates & times — of each transaction and first contact with scammer
• Screenshots — scam website, chat messages, emails, wallet transactions, social media
• All URLs & domains used by the scammer (including www.cal.munya.co.zw)
• Communications — emails, texts, phone numbers, usernames the scammer used

Even if you don't have all details — file a report anyway. Partial information still helps investigations.

• FBI IC3 — Internet Crime Complaint Center (US federal reporting)
• Europol — European cybercrime reporting (EU)
• Chainabuse — flag scam wallets across exchanges & platforms
• Your crypto exchange — contact Coinbase/Binance/Kraken support to freeze scammer's address
• Local police — creates an official record, even if they can't act immediately

The FBI recovered over $1 billion in crypto fraud in 2024 thanks to victim reports. Your report matters.

• Fake websites — pixel-perfect clones of legitimate sites with slightly altered domains
• Malicious approvals — "connect wallet" prompts that grant unlimited token spending to attackers
• Pig butchering — trust built over weeks via Telegram/WhatsApp/dating apps, then money stolen
• Recovery scams — victims targeted AGAIN by fake "recovery agents" demanding upfront fees. Always a scam
• Fake ads & airdrops — Google/social media ads and "free token" offers leading to wallet drainers
• AI-powered scams — deepfakes, automated phishing, and AI-generated sites making fraud harder to detect

• Use a hardware wallet (Ledger, Trezor). Never store large amounts in browser wallets
• Bookmark official sites — never click links from emails, DMs, or ads
• Read every approval — verify permissions before signing. Reject unlimited approvals
• Verify domains — check on PhishDestroy before interacting. Check HTTPS, spelling, domain age
• "Too good to be true" = scam — guaranteed returns, celebrity endorsements, urgent deadlines

• $51 billion flowed to illicit crypto wallets in 2024 — CoinLedger
• Pig butchering losses grew 40% year over year, now the fastest-growing fraud type
• Only ~5% of victims report — your report helps shut down criminal networks
• FBI recovered $1B+ in 2024 thanks to victim reports — FBI.gov

Sources: FBI · CoinLedger · WorldMetrics