Losing access to your crypto is an intensely stressful experience. Panic is natural and anxiety remains persistent. Whether the issue is a forgotten password, a damaged device, or corrupted files, that stress is exactly when scammers tend to strike, presenting themselves as “recovery experts” while aiming to exploit people at their most vulnerable state and steering you away from legitimate professionals that can actually help.
Every other month we see another article come out about crypto recovery firms with broad strokes of caution, but we wonder how much first hand experience the authors have with crypto recovery. From reading them, our bet is little to none. We wanted to take the time to give some practical advice from an inside perspective from an active crypto recovery operation. We hope this clears up the noise and confusion while allowing you and people who are actually in need of recovery services to navigate the choppy online waters of digital asset recovery.
If you invest a few minutes here, you’ll leave with a practical checklist to protect yourself for scammers as well as a toolbelt to engage real experts effectively.
Part 1: The Red Flags of Scam Recovery Services
The burning question that we see asked all sides of the internet: Are All Recovery Services Scams?
Here’s your answer: No, but many are.
The most misleading misinformation lumps everything together, which pushes credible help out of reach. Firms and individuals offering legitimate recovery services do exist. (We should know! It’s what we do!) Just like Hardware Data Recovery Specialists or Explosive Ordnance Disposal Technicians, the skills and tools required to do crypto recovery are specialized, valuable, and difficult to validate unless you know what to look for. It’s just as valuable to know what to look for in the frauds amongst them – Scammers.
Scams aim to take advantage of their victims from many angles. Some aim to recover a locked out wallet to keep the assets inside, others aim to impersonate or blackmail individuals with the information they gain during a “recovery.” The way a scam is structured varies, but the beginning is the same: They pose as a legitimate firm, recovery specialist, or hacker-for-hire hoping to lure victims at their most vulnerable moment.
When you are searching for a recovery solution for locked out crypto, start by making a list of every firm, site, and lead you can find. If you see any of the following traits on their sites or in their communications, it’s likely a scam masquerading as a legitimate firm:
- Recovering Stolen Funds: No legitimate firm can “hack back” stolen crypto (as opposed to unlocking a wallet that is legitimately in possession of the rightful owner of the digital assets and not currently in possession by a 3rd party). Claims to do so are a major red flag. If you have been the victim of a scam or have had your crypto stolen, report it to the Internet Crime Complaint Center [ https://www.ic3.gov/ ].
- No Public Business Information: If a firm doesn’t have a brick and mortar building, it doesn’t necessarily mean that it is a scam. There are many reasons businesses may want to keep locations and personnel private – especially if you’re handling sensitive data, significant customer assets, and have life safety concerns (inset ransome DB link). But if you can’t find business filings, mailing addresses, emails, online profiles, or phone numbers associated with the business, and when pressed, the business provides no followthrough in private channels, then it’s a red flag.
- No Public Paper Trail: If you’re good at what you do, you want to tell the world. If you can’t find any public information on a firm, no articles from legitimate news sources, no LinkedIn Business Profile, no social media, no blogs, no testimonials… It’s a red flag.
- A “Trust Us” Business Practice: In the crypto space, a lot of deals are done with handshakes and on trust alone. If you are trusting someone with your wallet (even your locked wallet) you’ll need a contract, and most likely other verifications for ID, Public Wallet Address, and scope of work. If a firm is trying to get its hands on your wallet too quickly or without a robust contract in place, that’s a red flag.
- Scare Tactics or High-Pressure Sales Techniques: Pushing you to make a decision quick is often how scammers get you to shut off your sense of logic and influence you to make a regrettable decision. If you feel pressured, take some time to think about it, read over your communications, and come back with a clear head. If they are pressuring you, there can be legitimate reason, but if they are only pressuring you and NOT getting to know your case, that’s a red flag.
- Sweeping Claims: “Guaranteed Recovery or your money back!” may look great on the surface. But offering a “money-back” guarantee means that they are asking for payment up-front. Most recovery firms take an agreed upon fee *if* the wallet is recovered. Be wary of firms that say they can “Crack all wallets,” can “Recover any Device,” can “Brute-Force any Password.” These claims are not true for any firm. If you see them, or anything like them, that’s a red flag.
When evaluating crypto recovery firms, your first goal is to filter scams out quickly and only invest time with firms that operate legally, communicate transparently, and make realistic claims.
Part 2: What to Look for in a Cryptocurrency Recovery Firm – Green Flags
We’ve talked about the red flags that scams may have, but what are the green flags that you’re likely to see with legitimate firms? The following are good signs that you’re dealing with a legitimate firm. You’re unlikely to see these when dealing with scammers.
In-Depth Evaluation of Your Situation: It may sound like a canned line, but each crypto lockout is unique. Some may be similar, but the vastness of situations that have people locked out from their crypto means that there’s no cure-all, no magic wand, and no standard operating procedure until all the facts are lined up and evaluated by a specialist. A single piece of information can change a situation from being a longshot recovery to a near sure-thing. Any firm that is worth your time will take theirs to ask the right questions and dig into your case before quoting you a price, giving you a scope of work, or likely-hood of recovery. They will also ask for information at the appropriate time. Password guesses are useful in modeling, but actual credentials, wallets and key, will all be asked for after terms are agreed to and a contract is signed. Legitimate firms that manage their own risk will not want the burden of possession until they have a contract that covers their risk as well. Scammers want all of this as fast as possible, legit firms won’t accept until it’s justified and required.
Limited Scope of Services: Crypto is a complicated landscape and no one entity can do everything. Legitimate firms know that they need to offer specialized services that fit the cases they work with. Some specialize in common hardware wallets, others in specific software wallets, and others in more niche situations like hidden wallets, scrambled seeds, software bugs, or inherited crypto. Larger firms, like ours, may have capabilities in many aspects of crypto recovery, but the claims that are made about their capabilities will be clear before a firm takes your case or your wallet. Be sure to understand how their unique capabilities are beneficial to your specific case. For example, one firm that has experience with Trezors, but not other hardware or hidden wallets might not help you in your situation that may involve a Trezor, but in reality is a more complex recovery involving hidden wallets or multi-sig wallets.
Direct Communication with a Knowledgeable Case Manager: You should have the ability to communicate with someone handling your case directly. This may be the person who is doing the work on your case. It may also be a case manager that tracks and handles the parts and phases of your recovery. Some firms are not large enough to have a case manager that functions as an intermediary for your case as it moves between specialists. For boutique firms you’ll likely be in direct communication with the engineer doing the work on your recovery. But regardless of the size, you should absolutely have a point of contact within the organization that you can be in touch with over the course of the recovery process that can not only provide you with updates, but to fully understand and advocate for you and your case so the engineers have the right context to ensure success as much as possible. Sometimes its the little things that enable success. A good case manager will take the time to get to know your case to add value to the engineers working on it.
Legal Framework: If you want to avoid scammers, and getting scammed yourself, work with a firm that establishes a legal framework and container for the work. That means, at a minimum, signing a contract with the firm outlining the agreement. It’s a good idea to have a lawyer review the contract before signing. Some firms also may need to validate your identity or establish a chain of custody for the wallet to take your case. This can be a reason to not engage a firm for some individuals that would rather not have their identity linked to their crypto holdings. In cases like this, signing a Mutual Non-Disclosure Agreement to create a legal container for any sensitive information is a reliable solution that legitimate firms can offer.
Clear Path to Recovery: All firms have trade secrets that need to be protected. That being said, if the best answer a crypto recovery specialist can offer to how they will recover your wallet is that they will “hack it” or “brute force the password,” then you might be talking to a scammer. Legitimate firms will, at least, give you an explanation of the methodology of the way that they are recovering your assets. Even though they can’t give you a tutorial on how to do it yourself, they should be able to walk you through what they need to do to open your wallet in broad strokes and the steps from here to there. A good recovery company won’t take all cases, but they will tell you why
Part 3: Practical Steps for Vetting a Cryptocurrency Specialist
1) Ask the Right Questions
When you’re overwhelmed – or simply not steeped in this domain – it’s hard to know what to ask. Start with these:
- Approach & techniques: “At a high level, how do you handle cases like mine?” A credible firm can describe general methods without revealing proprietary details. Total refusal to explain anything – even at a surface level – is a red flag.
- Who is actually doing the work? Clarify the team model: in-house specialists, vetted partners, or ad-hoc contractors? How many similar cases has this team handled? Be honest with yourself about expectations: do you want an expert at an expert rate, or are you comfortable with a generalist approach and its trade-offs?
- Security, governance, and asset protection: Go beyond “data privacy.” Ask about controls over devices, key material, and assets during and after recovery. Do they enforce least-privilege access, audited workflows, chain-of-custody, security process, and documented deletion procedures?
- Contract and compliance: There should be a written agreement that protects both sides. Look for reasonable requirements such as KYC (Know Your Customer] or AML (Anti-Money Laundering) checks, proof of authority, scope and limits of work, fee structure, success criteria, custody/return of assets, incident handling, and data/device disposal. Scammers often avoid contracts, or present ones that give you zero legal recourse should things not go smoothly.
2) Check Their Reputation
Favor quality over quantity:
- Independent coverage and commentary: Have reputable outlets referenced the firm’s work or asked them to weigh in on technical topics? This suggests peers and journalists view them as credible. Don’t be afraid to ask for this directly.
- Industry involvement: Talks, panels, or workshops at relevant security/crypto events indicate visibility and a willingness to be scrutinized.
- Public work: Technical posts, case studies, research notes, or vulnerability disclosures. Distinguish between novel research and basic rehashes of existing tools. Genuine contributions signal deeper competence and trust.
3) Expect Direct and Traceable Communication
- Be wary of firms that only use anonymous handles, unbranded chat apps, or bare contact forms.
- Credible services will meet by phone or video, identify themselves, and explain next steps clearly. If they dodge questions or won’t speak live, think twice.
- Trust goes both ways: Just as you are vetting a firm, they should also vet you a bit. There should be appropriate protections and processes in place for both parties. Just as you should be hesitant to send your wallet too quickly, they should have protections in place to protect themselves from malicious packages being uploaded to their servers. Legitimate firms field calls from everyone from unrealistic requests from misinformed people to social engineering attempts from malicious actors – Firms should vet callers just as they should be vetted themselves.
4) Know the Red Flags
Proceed with extreme caution (or run!) if you see:
- Up-front crypto payments without a proper contract.
- Guaranteed outcomes. No one can promise success in recovery.
- Opacity about legality, process, or custodial controls. If they can’t explain the basics, they’re not trustworthy.
Part 4 – Possible Red Flags OR Reasonable Green Flags?
Some behaviors that feel suspicious at first are actually normal in this field:
- No public access to tools or source code: Protecting proprietary methods is standard and can be necessary to preserve effectiveness and intellectual property.
- Requests for documentation or legal authority: Legitimate firms will require proof you have the right to authorize work. Refusing to start without it is a good sign.
- Limited social media presence: Many credible teams emphasize confidentiality and client security over follower counts because they don’t want to be a target. There should still be some public information available for the organization, but just because they aren’t going viral doesn’t mean they aren’t able to help.
- Remote-only operations: A distributed or fully online model is common and can allow for a team with diverse skillsets to seamlessly work together without needing to pull rare talent from a limited geographic area. This is also very useful if security is a concern for the firm.
- Being asked for sensitive information: Usually this is a no-go, but it all depends on context. If a stranger asks for your address and if you’ll be home in an hour, that’s a red flag. But if you’re trying to hire a locksmith to get in your front door, that’s perfectly reasonable information to share. Crypto recovery requires the sharing of, at a minimum, some sensitive information and trusting a 3rd party with your wallet. Whenever sharing any information, have a legal framework in place to hold it and a valid reason to give it.
Recovering your assets shouldn’t compound stress. The safest path is informed due diligence: ask clear questions, insist on transparent process and contracts, and verify real-world signals of competence.
Remember: No one can recover stolen crypto. Legitimate work focuses on locked out or lost-access self-custody scenarios using specialized, lawful methods with security, compliance, and custody controls you can understand.
A good recovery partner will respect your questions, answer plainly, document the engagement, and demonstrate credibility at every step.
Nick Fedoroff
Unciphered
Director of Marketing
