By Suy Se

Waving their national flags, dozens of Chinese nationals protested outside Cambodia’s central bank on Monday, demanding the unfreezing of accounts they opened with a financial services firm linked to cyberscamming.

Some demonstrators wielded umbrellas and clashed with scores of local security personnel armed with batons, leaving at least two protesters bloodied.

The former chairman of Huione Group, Li Xiong, was extradited to China on April 1, with Chinese authorities saying he was central to a major transnational gambling and fraud syndicate, and suspected of multiple crimes.

Protesters said their accounts with its digital payments platform H-Pay, previously Huione Pay, had been frozen since December.

Construction and renovation company owner Wang Xijun said he had about US$50,000 locked in his account and has been unable to pay his staff for around three months.

“We are Chinese citizens. We support the crackdown on illegal online gambling and illicit earnings,” Wang shouted.

“But do not lay your hands on us ordinary civilians,” he added. “Give the people’s money back!”

The US government last year accused Huione, which owned several companies offering e-commerce, payment and cryptocurrency exchange services, of laundering funds for transnational criminal groups perpetrating scams from Southeast Asia.

But the protesters in Phnom Penh say they have nothing to do with these alleged crimes and now cannot access their assets deposited with Huione, calling on the National Bank of Cambodia (NBC) to intervene.

Monday’s demonstration followed protests earlier this month outside the NBC and the Chinese embassy in Phnom Penh.

Li Shangfu, 54, said many Chinese people in Cambodia had used Huione because it was “trusted” and convenient for “all our transactions”.

He works in the restaurant and hotel industry and said he has tens of thousands of dollars tied up in Huione’s platform.

“I want the government to give us an answer. What exactly is the situation regarding our money?” said Li. “Does this money still exist or not?”

‘My blood and sweat’

The NBC has said the Huione platforms’ business licences have been revoked, and Huione Pay creditors should go to the courts, while H-Pay creditors can make claims with a liquidator.

The US Treasury’s Financial Crimes Enforcement Network (FinCEN) designated Huione Group a “primary money-laundering concern” last year, and prohibited US financial institutions from processing transactions with it.

Beijing has called Huione’s Li “a core member” of the criminal gang of Chen Zhi, another Chinese-born accused scam boss who was operating from Cambodia before being extradited to China this year.

The Southeast Asian nation has emerged as a hub for the illicit industry in recent years, with transnational crime groups initially mostly targeting Chinese speakers before widening their reach and stealing tens of billions of dollars annually from victims around the world.

Cambodian authorities say they are cracking down, detaining and deporting more than 13,000 foreign nationals involved in online scams since early last year.

From January to April, more than 240,000 people, including Chinese, Indonesians, Indians and others, accused of scam involvement “voluntarily departed” Cambodia, the government said last week.

Monitors accused senior Cambodian officials of complicity — allegations the government has denied.

Protesting Cambodian food vendor Sopheak, 42, said she could see her US$36,000 balance on the Huione platform but cannot withdraw any money.

She opened her account three years ago because Chinese customers preferred it, she said.

“The money is my blood and sweat.”

Post sponsored by Changelly

Crypto swaps are fast and permissionless, which is exactly why scammers love them. Before you hit “swap,” decide where you’ll execute: a DEX router you trust (Uniswap, 1inch) or a centralized venue where you can sanity-check tickers, fees, and withdrawals (Binance, Kraken, Coinbase).

A simple way to cut risk is by reducing unknown interfaces and “too-good-to-be-true” rate widgets. If you’re comparing venues, using a low-fee crypto exchange can help you avoid hidden costs scammers often mask with wide spreads or fake fee breakdowns, especially if you stick to well-known brands and consistent workflows. For instance, some users prefer services like Changelly for straightforward swaps, while others keep it simple with a single CEX account (like Kraken) they’ve already secured with 2FA. Either way, look for transparent maker/taker pricing, clearly listed withdrawal fees, and a site/app you’ve bookmarked.

In 2026, swap scams are more polished than ever, preying on urgency: gas spikes, sudden pumps, and “fix your transaction” prompts. This guide breaks down the most common swap scams and the habits that keep your funds safe.

Understanding Crypto Swap Scams

Scammers exploit the seamless UX of DEXs through fake interfaces and sponsored ads that mimic legitimate platforms. These phishing sites use subtle URL misspellings (“unlswap.org” instead of “uniswap.org”) and trick users into granting unlimited token access via hidden approvals or EIP-2612 permit signatures. One wrong click grants attackers full wallet access.

Telegram bot-in-the-middle attacks swap output tokens with worthless lookalikes, while fake bridges demand deposits to random addresses rather than minting on destination chains. Cross-chain “gasless” approvals grant permanent spending rights. Young professionals face targeted attacks through LinkedIn, Discord, and Twitter DMs promising exclusive deals.

Protection is straightforward: verify URLs manually, double-check token addresses, scrutinise approval requests, and use revoke.cash regularly. Make verification your default habit.

Targeted Platforms and Attack Vectors

The biggest platforms face the most attacks. Uniswap, PancakeSwap, 1inch, Matcha, ParaSwap, and Jupiter see constant impersonation. MetaMask, Trust Wallet, Phantom, and Coinbase Wallet are spoofed relentlessly through Google ads that rank above legitimate results.

ScamSniffer and Chainalysis identify MetaMask plus Uniswap or 1inch as the top phishing combination. Drainer kits like Inferno and Angel have stolen hundreds of millions since 2023. Networks with lower fees (Base, Arbitrum, Polygon, BNB Chain) attract high retail volumes and therefore more scammers. Always verify the URL and contract address; never assume familiarity equals safety.

Approval and Permit Signature Scams

Approval scams trick users into granting unlimited spending rights to malicious contracts. That routine “approve max" on a fake Uniswap site lets attackers drain your entire token balance. Gasless permits (EIP-2612, Permit2) are worse, as one signed message with no gas cost grants instant drain capability. Phishing sites clone legitimate interfaces but swap the spender address to attacker contracts.

Always check wallet prompts: verify spender address, token, allowance amount, and deadline. If it's infinite or unfamiliar, decline. Use simulation features in MetaMask and SafePal. Set custom spending caps, never infinite. Audit approvals regularly via revoke.cash. Hardware wallets force review of every signature, making blind signing nearly impossible.

Fake Tokens, Honeypots, and Rug Pulls

Permissionless DEXs allow anyone to create tokens. Scammers clone logos and tickers of legitimate projects, hiding malicious functions like unlimited minting or 99% trading taxes in unverified contracts. Honeypots allow buys but block sells through anti-sell logic or cooldowns. Liquidity rug pulls occur when creators withdraw pool liquidity after building hype, either instantly (hard rug) or gradually through fee manipulation (soft rug).

Protect yourself: verify contract code on Etherscan, check LP lock duration, confirm ownership is renounced, and review holder distribution. Tools like Honeypot.is and Token Sniffer catch many scams but not all. If slippage looks abnormal or transaction taxes are excessive, walk away. FOMO is the scammer's best friend; patience and due diligence separate winners from victims.

MEV Sandwich Attacks

MEV searchers exploit your slippage by sandwiching trades. When your transaction hits the mempool, they frontrun (buy to push price up), you execute at the inflated price, then they backrun (sell into your buy). Wide slippage settings give searchers free profit. Low-liquidity pools and large orders amplify vulnerability.

Defence: use tight slippage (0.1–0.5% on major pairs), split large orders, route via private RPCs (Flashbots Protect, MEV-Blocker), or use intent-based protocols like CoW Swap. Limit orders remove urgency. Always simulate trades to check price impact; suspiciously high impact may indicate wash trading.

Cross-Chain Bridge Scams

Fake bridge sites (impersonating LI.FI, Wormhole, Stargate) demand deposits to random wallets rather than minting wrapped tokens properly. Router swap traps push unlimited approvals disguised as bridge interactions. Compromised socials create urgency with fake airdrop announcements. Malicious RPC endpoints can flip chain IDs or destination addresses mid-transaction.

Ask yourself: why rush? Why unlimited approval? Type bridge URLs manually, set custom spending caps, verify destination chain ID, and test with small amounts first. Use revoke.cash regularly to audit old permissions.

Phishing and Address Spoofing

Phishing links lead to fake interfaces that drain Permit2 approvals or reroute swaps. Chainalysis tracks billions in losses from these attacks. Address poisoning plants lookalike addresses ("0x1234...ABCE" versus "0x1234...ABCD") in your transaction history; when you paste it later, funds vanish. ENS/Unicode spoofing uses homoglyphs and zero-width characters to mimic trusted domains (“.еth” using Cyrillic instead of “.eth”).

Never click links; instead, type URLs manually. Verify full EIP-55 checksummed addresses on hardware wallet screens. Use transaction simulation (Rabby, Safe, MetaMask). Maintain an address allowlist and copy from it, never from transaction history. Urgency signals scams, as legitimate opportunities don't require split-second decisions.

Defensive Tools and Workflow

Layer your defences. Route via MEV-Blocker RPC or CoW Swap for private execution. Set slippage 0.1–0.5% for liquid pairs with 5-to 10-minute deadlines. Only swap verified tokens from Uniswap/CoinGecko lists, check Etherscan for contract age, holders, and locked liquidity. Run simulations with Pocket Universe or Tenderly before executing.

Never approve infinite amounts; set exact spending caps. Audit approvals regularly via Revoke.cash. Separate wallets by risk: hot wallet for experiments, and hardware vault for main holdings. Install WalletGuard or Scam Sniffer extensions. Enable MetaMask/Blockaid security alerts.

Pre-swap checklist:

1. Verify token contract from official site, check on Etherscan.
2. Compare quotes across aggregators, check price impact.
3. Set tight slippage and MEV protection.
4. Approve exact amounts only.
5. Check gas and mempool congestion.
6. For bridges: confirm chain ID, use official interfaces, test small amounts first.
7. Execute a tiny canary swap before making a full trade.

ROI of Security

Protecting principal beats chasing marginal gains. Would you risk 100% loss to save £5 in gas? Using trusted aggregators costs 0.2–0.5% more but preserves capital. A £2,000 approval scam drains everything, while revoking costs £10 and prevents total loss. That's 200x ROI. Setting 0.5% slippage on £5,000 trades saves £25 versus 1% slippage.

Verifying contract addresses takes 30 seconds. Hardware wallet prompts add 3 seconds but eliminate unlimited approval risks. Missing a 20% gain hurts, but avoiding one rug pull offsets years of fees. One catastrophic loss erases months of profits.

Scepticism pays dividends. Impulsiveness pays scammers. The traders who survive aren't the fastest or most aggressive, they're the most disciplined. Build verification into your routine until it becomes automatic. Protect your capital first, and everything else follows.

About the Author

Joshua Merrick

Joshua Merrick is a cryptocurrency strategist and blockchain professional specializing in digital asset infrastructure and exchange technologies. He is a senior team member at Changelly, where he contributes to the platform’s growth, strategic partnerships, and product development initiatives.

Focused on expanding access to seamless crypto-to-crypto exchanges, Merrick plays a key role in advancing Changelly’s mission to simplify digital asset transactions for users worldwide. With a strong emphasis on security, innovation, and user experience, he continues to support the evolution of cryptocurrency as a practical and widely adopted financial technology.:

Company: Changelly

Website: www.changelly.com

China’s top diplomat Wang Yi called for the complete eradication of scam centres in Cambodia during a meeting with Prime Minister Hun Manet in Phnom Penh, according to Beijing’s foreign ministry.

Cambodia hosts dozens of scam centres with tens of thousands of people perpetrating online scams — some willingly and others trafficked — in a multibillion-dollar illicit industry, rights monitors say.

But under pressure from several countries, including China, Cambodian authorities say they are cracking down on the industry.

“Cross-border gambling and fraud endanger the lives and property of the people and must be resolutely cracked down on and completely eradicated,” Wang told Hun Manet, China’s foreign ministry said in a statement late Wednesday.

See also: Alleged scam boss extradited from Cambodia to China

China and Cambodia maintain close trade, diplomatic and military ties. Wang, who was accompanied by Chinese Defence Minister Dong Jun, also underlined the two countries’ “unbreakable bond” during the meeting.

Hun Manet told AFP in February that scam centres were destroying his country’s economy and giving the nation a bad name, vowing to “clean this out”.

He wrote on social media late Wednesday that he, Wang and Dong had discussed promoting cooperation in politics, trade and investment, national defence and security, clean energy, transportation infrastructure construction and agriculture.

Wang and Dong also met Cambodia’s Foreign Minister Prak Sokhonn and Defence Minister Tea Seiha on Wednesday.

The Chinese foreign minister said he supported initiatives aimed at normalising relations between Cambodia and Thailand following deadly clashes last year along their shared border.

“China is willing to continue to build more platforms for the resumption of exchanges and direct dialogue between Cambodia and Thailand,” Wang said.

While a ceasefire was agreed to in December, the regional situation remains fragile, with Cambodia and Thailand accusing each other of failing to respect the truce.