The 7 red flags of a recovery scam
They ask for your seed phrase or private key
The whole point of a recovery service is that you have an encrypted file and cannot access the wallet. If you already had the seed or private key, you would not need them. Any request for this information is a theft attempt. Real services never see your unencrypted keys.
Upfront fee for 'GPU time' or 'compute deposit'
This is the #1 pattern. The scammer charges $100–$2,000 'to reserve GPU resources.' No compute actually happens. They repeat this for dozens of victims per week. Real services absorb the compute cost because the percentage success fee covers it many times over.
Guaranteed recovery
No honest service guarantees recovery. If your password is truly random and 16+ characters, it is computationally impossible. A "100% success rate" claim means either (a) they scam everyone and nobody recovers, or (b) they cherry-pick easy cases for reviews and ghost the rest.
Contact only via Telegram/WhatsApp/Discord DM
Real services have a website with a legal entity, refund policy, public contact email, and years of history. If the only contact is a Telegram handle that appeared six months ago, the operator can rotate identities instantly.
Pushing you to move the wallet 'for safety'
Once they have the password, scammers often claim "your wallet is compromised, let us transfer the funds to a safer address." The safer address is theirs. Never give anyone control or ask anyone to move your funds. Once recovered, you move them yourself.
Fake testimonials and recovered-wallet claims
Screenshots of 'recovered' transactions are trivially fakeable. Real services publish on-chain proof (recovered addresses, Reddit threads with signed messages from the owner). If the only proof is a photoshopped review page, it's marketing.
Rushing you to decide
"We have limited GPU slots this week, pay now." Legitimate services have queues, not flash sales. Urgency is the oldest scam pressure tactic.
What a legitimate service looks like
Pay on success
You pay a percentage (usually 10–20%) or flat fee only after the password is found. If they don't find it, you owe nothing. Some services offer free attempts for easy cases.
Only the encrypted file
You upload wallet.dat / keystore.json / MetaMask vault JSON. No seeds, no keys, no unlocked wallets. The file is useless to the attacker without the password — that is why the file alone is sufficient.
Signed NDA
Willing to sign a non-disclosure agreement. Your identity, the wallet, and the balance are not discussed publicly — even in anonymized case studies — without your permission.
Honest about odds
Tells you upfront if your case is unrecoverable. Strong random passwords are not crackable — any service that says otherwise is lying to keep you hopeful (and billing).
Known legitimate services
These are the best-known reputable operators — not an endorsement, just a list of services with multi-year on-chain and community track records. Compare pricing, NDA, and timelines yourself.
| Service | Fee model | Focus |
|---|---|---|
| WalletRecoveryServices.com | 20% of recovered | Bitcoin wallet.dat, PyCrypto |
| Dave Bitcoin (walletrecoveryservices.com) | 20% | Bitcoin, older wallets |
| KeychainX | 20% or flat | Ethereum, MEW, MetaMask |
| ReWallet | 20% | Multi-chain, European operator |
| Crypto Wallet Password Recovery | Flat fee on success | Bitcoin, Ethereum, MetaMask, Exodus, BIP39 |
Realistic success rates by wallet type
| Wallet | With strong hints | With weak hints | No hints |
|---|---|---|---|
| Bitcoin wallet.dat (mode 11300) | 60% | 25% | <5% |
| Ethereum keystore (mode 15700) | 30% | 10% | <2% |
| MetaMask vault (mode 26600) | 70% | 35% | 10% |
| Exodus (mode 28200) | 50% | 20% | 5% |
| BIP39 missing 1–4 words | 90% | 60% | N/A |
"Strong hints" = you remember the structure, most characters, length, special-character positions. "No hints" = you used a randomly generated password from a manager and do not remember any part of it.
Anatomy of a typical scam
Victim posts on r/Bitcoin or Twitter: "I lost my wallet password from 2015, any help?"
Scammer DMs within minutes. Claims to run a "professional recovery firm." Links to a slick website with fake testimonials.
Scammer offers "free analysis." Victim uploads wallet. Scammer responds with a detailed-sounding "technical assessment" (generated by template).
Scammer quotes "$800 deposit for 72 hours of GPU compute." Victim pays.
After 72 hours: "We need 24 more hours and $400 for extended time." Or: "We found close matches, another $600 to finalize."
Eventually: silence, blocked, or "sorry, your password was too strong." Money gone.
Our commitments
For full transparency, here is how this service operates:
- Upload only the encrypted file. No seed phrases, no private keys, no unlocked access. We literally do not have the ability to move your funds.
- Pay only after we find the password. Free analysis, flat fee on success — not a percentage of your balance.
- Honest difficulty estimate. Our Wallet Analyzer tells you if recovery is easy/medium/hard before you submit.
- Your file is deleted after 30 days. Whether we find the password or not, the encrypted file is purged.
- We will tell you when it's impossible. If your password is truly random, we'll say so. We won't string you along.
Frequently asked questions
Are crypto wallet recovery services legit?
A minority are. Legitimate operators never ask for your seed or private key, charge on success, and sign an NDA. The majority of services advertising wallet recovery are upfront-fee scams.
What should a real recovery service never ask for?
Never: seed phrase, private keys, the password itself, control of the wallet. Only: the encrypted wallet file.
Why do scammers ask for a small upfront fee?
It's the business model. Collect $500–$2,000 from each of many victims, run no actual compute, disappear. Legitimate services invest the compute themselves because the success fee pays for it many times over.
What are realistic success rates?
Bitcoin wallet.dat with hints ~40–60%, Ethereum keystore ~20–30%, MetaMask ~50–70%, BIP39 1–4 missing words ~70–90%. Strong random passwords: effectively 0% regardless of wallet.
How do I verify a recovery service is legitimate?
Years in business, on-chain track record, signed-message proofs from past customers, willingness to sign NDA, honest rejection of unrecoverable cases, clear pricing.
Ready to submit, safely?
Start with the free analyzer to see the difficulty level — no upload, runs in your browser. Then submit with any password fragments you remember.