What to do with cryptocurrency phishing scams


There is a Cryptocurrency phishing scam targeting Decentralised cryptocurrency exchanges utilizing Cloudflare as Nameservers and CDN. I had reported this using the abuse form, but no action was taken [ 96cf686596e6fdb7, f7b46178003999f6, 166153f05a8c7e47]. Then I reported it to the registrar, Who took out the website after one week.

The issue is that one week is ample time for scammers, and they now have made new scam websites using Cloudflare services (I can share the URLs and proofs if needed in the comments or via email). Some of the websites were now using registrars who were not responding.

My question is, Should I keep reporting these websites to Cloudflare?
Is this kind of situation where Cloudflare will take any action?
I give details about the scam website, the URL of the target website, and the details addon to be installed to see the website accessing cryptocurrency tokens. I can share screenshots if needed via email. Is there anything more I can do/ provide so that a faster response is taken?

Although the Cloudflare abuse page allows a max of 250 URLs to be shared, They have to be all from the same domain. So when multiple domains of the exact nature have to be reported, each has to be done separately. There are currently more than 20 websites to report, which will take a lot of effort. It would be much easier if at least 10 domains were allowed to be reported at once.

It would also be better if the abuse report confirmation email from Cloudflare contained the original message, allowing much clarity and reducing confusion, especially when reporting more than 1 issue.

Time is a great factor in such phishing scams, as innocent people get scammed as time passes by. I am aware that Cloudflare receives a large number of reports every day, but I hope some actions can be taken to improve the current situation.

Thank you

According to Cloudflare,
“It cannot remove from the Internet content that it does not host, and the vast majority of abuse reports we receive relate to our non-hosting reverse proxy, pass-through security, and CDN services.” You can read more from their approach:

If the website is known for any type of abuse, its right to submit the information. Cloudflare analyzes and reviews the given information according to their abuse policy.

If you are aware of the domain registrars of such abuse websites, you can report to them as well.

Its obviously painstaking, time consuming for one to submit & go through the same procedure. However, as of now, there is no other alternatives as according to their doc.

Certainly, Cloudflare can think on this issue.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.