Ripple CTO Emeritus, David Schwartz, urged the community to remain extremely vigilant, warning about the growing number of attacks targeting XRP Ledger asset holders on social media like X and messengers like Telegram.
Scammers are not creating fundamentally new tools, but they have sharply increased the intensity of classic psychological traps, Schwartz points out as he highlights a rapid rise in fake token giveaways and fraudulent airdrops. Attackers use these schemes to trick victims into connecting their crypto wallets to malicious websites or handing over their seed phrases.
Fake XRP airdrops, deepfakes, and a $635 million DeFi crisis
It has been stated repeatedly, and Schwartz once again emphasized, that Ripple never conducts such giveaways, and any posts promoting free XRP tokens on behalf of the company or its executives are one hundred percent scams.
Beyond that, malicious actors are actively creating fake Schwartz accounts on Telegram, Instagram, and other platforms. Schwartz stressed that his only verified profiles exist on X and LinkedIn, and that anyone contacting users while impersonating him on other platforms is a scammer.
SCAM ALERT: There has been a huge escalation lately in airdrop and giveaway scams targetting XRPL users lately. Any such posts you see are likely scams.
— David 'JoelKatz' Schwartz (@JoelKatz) May 14, 2026
Anyone claiming to be me on Instagram, Telegram, or almost anywhere else is likely a scammer.
Stay safe XRP fam.
The attack wave targeting XRP holders comes amid escalating cyber threats across the IT industry. Alongside his warning about fake airdrops, Schwartz also issued a critical alert today regarding a dangerous Windows BitLocker vulnerability - a bug that allegedly allows hackers to bypass disk encryption through a standard USB port, putting locally stored private keys at risk.
Scammers are exploiting the increased activity surrounding XRP and recent discussions around the asset's price to manipulate the emotions of retail investors by creating a false sense of urgency. Previous months were also marked by the use of AI-generated deepfakes featuring the face of Ripple CEO Brad Garlinghouse.
The warning resonates even more strongly given that April became the most hack-heavy month in DeFi history, with $635 million lost across 28 hacks in just 30 days. While those incidents were not social engineering attacks, they still clearly demonstrate that cryptocurrency users are currently more vulnerable than ever.
