Warning: FTX Creditor Payouts Targeted by Sophisticated Phishing Scams

The process of compensating FTX creditors has triggered a wave of new cyber threats, with scammers running sophisticated phishing campaigns to exploit the latest $1.6 billion payout phase.

Exploiting the Recovery Process

FTX issued an urgent security alert after its third distribution round began in late September. Fraudulent emails, designed to look like official communications, are impersonating both Kroll Restructuring Administration and the FTX Recovery Trust—the entities managing the claims.

These deceptive messages aim to trick users into:

• Visiting fraudulent websites.
• Connecting their crypto wallets to unauthorized portals.
• Sharing sensitive information under the guise of "account verification" or "distribution instructions."

The Deception and Official Warning

The fake emails are particularly convincing, often referencing payout percentages (some even promising inflated returns between 118% and 142%) and directing victims to non-official "distribution portals."

FTX's Official Warning:

• FTX will NEVER ask users to link external wallets or access third-party websites.
• All legitimate updates and claims processing are handled exclusively through the verified FTX claims portal.
• The exchange urges claimants to treat all unsolicited emails with suspicion and avoid clicking embedded links.

High Stakes and Continued Threat

Phishing schemes have become a growing threat across the crypto sector, with over $12 million in crypto reportedly stolen through such scams in August alone. With the FTX estate planning to continue releasing settlements through 2026—and pledging to return up to 118% of eligible balances—analysts expect these phishing attempts to intensify. For creditors who have waited two years for their funds, impatience and misinformation make them vulnerable targets. Vigilance is the only defense.

October 2025, Cryptoniteuae