Documentation and Reporting Options

Some users find it helpful to record observations and timelines for personal reference or reporting purposes. This documentation does not ensure investigation, recovery, or enforcement action. Consider documenting: - The app, website, message, or interaction that led to the compromise (if identifiable) - Date and time of each major step or realization - What you believed you were doing (e.g., minting a token, connecting to a trusted DApp) - When and how you realized something was wrong - Any unusual behavior on your device or wallet before or after the incident This documentation is intended for reporting and record-keeping purposes only and does not ensure investigative or recovery outcomes.

These steps assume you are using a public, EVM-compatible blockchain; procedures may differ for other networks or wallet types. - Public blockchain explorers allow users to view wallet addresses and transaction histories. (etherscan.io or bscscan.com, and write/paste your wallet address). - Take screenshots of each relevant transaction—especially the approval and drain transactions. - For each TX, capture the summary and the Logs tab. Quick Etherscan/BscScan walkthrough: - Confirm you're on the official site: type the URL manually (avoid search ads). - Paste your public wallet address into the search bar (never paste seed phrase/private key anywhere). - On the address page, check: * Balance (native coin + token balance) * Transactions tab (outgoing transfers) * Token Transfers tab (most drains show here) - Identify suspicious items: * A token "Approve" transaction shortly before the drain (often enables spending) * Large or repeated outgoing transfers you didn't initiate - Information that some individuals choose to retain includes (print screen): * Your wallet address * The attacker destination address * The TX hash of the approval and the drain

- If your wallet, browser extension, or crypto app has a support team, reach out as soon as possible. - Use official channels—preferably via their website, in-app chat, or verified email address. - Explain the situation briefly and request a support ticket. - A support log may help you document the incident and may be useful if authorities later make an official request to the platform. - Most wallet providers cannot reverse transactions or recover funds, even when notified promptly.

- Depending on jurisdiction and personal circumstances, some individuals choose to file a report with local law enforcement or cybercrime units. Procedures, responses, and outcomes vary widely. - Disclaimer: This step assumes the compromised funds originated from legitimate, legal sources. - Include your documentation: wallet address, screenshots, TX hashes, personal notes, and any platform support ticket or case number. - Depending on the expertise of local authorities, they may or may not conduct an in-depth investigation. In some cases, you may need to request they escalate the case to a national-level cybercrime unit. - Ask for a case number—it may be helpful for tax reporting, follow-up, or if platforms request law enforcement documentation. - Law enforcement capabilities and procedures vary widely by country, and reporting does not guarantee investigation or action. Practical note: Depending on your wallet type, the platform may allow you to contact their support team directly to report the incident. While it's unlikely they will act without a formal law enforcement request, notifying them can help log the case and generate a support ticket. In most situations, only authorities can request freezes or disclosures from centralized exchanges. Note that you can try to initiate contact yourself, but results vary and success is rare without formal backing. The best course is to report the incident to local cybercrime units first and let them request action officially—and only if the funds passed through centralized exchanges or identifiable wallets. Platform responsiveness and cooperation vary widely. In some cases, you may need to contact the exchange first (see next section), but in others, it is best to wait until authorities file a request. The order of these actions depends on the situation and your region. Capture essential evidence quickly, then avoid further crypto activity on the affected device. Follow guidance from authorities if additional preservation is requested. In rare cases, compensation or refunds may occur when a loss results from a confirmed platform or provider vulnerability. If applicable, check official communications from your wallet provider, but assume no refund unless formally announced.

- US: ic3.gov — accepts reports even from non-US citizens. - While your local police or cybercrime unit is your primary reporting channel, you may also choose to file a report with IC3 (FBI's Internet Crime Complaint Center) to contribute to global case records and increase visibility. - This does not replace your local report but may help if the scam involves international elements or U.S.-based infrastructure. - Filing to IC3 is recommended even if you're not in the U.S., as it may contribute to cross-border investigations. If you are outside the U.S., IC3 reporting is optional and should be considered a supplemental record, not a replacement for local reporting.

- Use a blockchain explorer such as Etherscan or BscScan to follow where the stolen funds were sent. - In some cases, you may recognize a labeled wallet or exchange address. - Specialized software can trace deeper transaction patterns, but these tools are usually paid and intended for institutional or expert use. Professional blockchain analysis tools are generally restricted to institutions and are mentioned here only to explain how investigations are typically conducted. - You may also seek help from blockchain investigation experts—but note that this can be expensive. - Some cybercrime units and even wallet support teams may assist in identifying suspicious patterns if you maintain ongoing communication with them. - If the funds reached a centralized exchange wallet, proceed to the next step to notify them immediately. - Certain tracing or reporting actions may be subject to legal or procedural restrictions depending on jurisdiction; users should ensure compliance with applicable local laws.

The following information describes how exchange interactions are commonly discussed in public reporting contexts. Exchanges are not obligated to act on user requests, and outcomes depend primarily on law-enforcement involvement and internal policies. - In cases where stolen assets appear to reach a centralized exchange, some users attempt to notify the exchange. Exchanges typically require formal law-enforcement requests before taking action. - In some cases, users attempt to contact the exchange by email or live chat if possible. In some cases, speed may matter, as withdrawals can occur quickly. - Information commonly referenced in exchange communications may include transaction hashes, timestamps, and available case references. - Exchanges are not obligated to act on user requests without formal law enforcement documentation. - Exchanges typically require a formal request from law enforcement before freezing assets. Continue cooperating with local authorities to request this action officially. - Some users clearly request that exchanges review and flag specific transactions, understanding that exchanges are not obligated to act without law-enforcement requests. - Save the ticket/reference number.

- Consider reporting a scam report on chainabuse.com (they never ask for payment, passwords, phrases or personal info you don't choose to share. Stay alert.) - Consider reporting the scam wallet and fraudulent transactions on Etherscan/BscScan