Cómo opera la estafa.
eos-io.info está construido para evocar el consolidado ecosistema de la blockchain EOS, dirigiéndose a usuarios ya familiarizados con la red EOS que podrían estar buscando herramientas oficiales, acceso a wallets, interfaces de staking o servicios relacionados con tokens. La estructura del dominio, que sustituye el punto por un guion en la identidad de marca canónica y añade un dominio de nivel superior genérico .info, es una jugada deliberada de proximidad, diseñada para aparecer en las búsquedas o para resultar verosímil cuando se comparte en canales sociales.
La mecánica operativa sigue un patrón habitual en las operaciones de suplantación de marca dentro del ámbito de las criptomonedas. A los visitantes se les presenta normalmente una interfaz que replica el lenguaje visual del proyecto genuino con la suficiente fidelidad como para suprimir un escepticismo inmediato. El objetivo del operador suele ser la extracción de claves privadas, frases semilla o credenciales de plataforma, solicitadas bajo el pretexto de una conexión de wallet, una verificación de cuenta o un proceso de airdrop o reclamación de tokens. Una vez enviadas las credenciales, el operador obtiene control unilateral sobre cualquier activo on-chain asociado.
El punto de fallo para las víctimas suele ser invisible hasta que los activos ya se han movido. Dado que las transacciones en blockchain son irreversibles por diseño, no existe ningún mecanismo de disputa ni de contracargo una vez que se transfieren los fondos o se comprometen las claves. Las víctimas suelen descubrir el fraude solo después de intentar retirar fondos que ya no existen, o tras advertir que las wallets vinculadas durante la sesión han sido vaciadas. Los esfuerzos de recuperación en esa etapa quedan considerablemente limitados por la naturaleza seudónima de las direcciones receptoras.
Banderas rojas que documentamos.
- 01Domain engineered to mirror a recognised blockchain brandThe structure eos-io.info replicates the visual and phonetic identity of a well-known blockchain network by transposing its canonical domain format. This is a textbook brand-proximity construction, intended to exploit navigational error and user trust rather than establish independent legitimacy.
- 02Generic TLD inconsistent with infrastructure claimsLegitimate blockchain infrastructure projects, wallets, node operators, foundation portals, consistently operate under country-code or purpose-specific top-level domains, not unmoderated generic registrations such as .info. The choice of .info is a recurring characteristic of disposable impersonation domains with short operational lifespans.
- 03No documented regulatory standing or organisational identityNo incorporated entity, regulatory filing, or named technical team is documented in connection with this domain. Legitimate platforms operating in the digital-asset space, particularly those handling wallet access or token custody, maintain verifiable organisational presence. The absence of any such record is a material signal.
- 04Confirmed listing on CryptoScamDB blacklistThe domain appears in the CryptoScamDB community blacklist, a collaboratively maintained reference used by wallet software, browser extensions, and investigative researchers to flag addresses with a documented pattern of fraudulent activity. Blacklist inclusion reflects reported harm, not merely suspicion.
- 05Impersonation pattern associated with credential-harvesting operationsDomains that mimic blockchain project identities are disproportionately associated with private-key and seed-phrase harvesting rather than financial-return fraud. This distinction matters for victims: the harm is typically total and immediate, as the operator gains permanent access to on-chain holdings the moment credentials are submitted.
Lo que puedes hacer ahora.
Open a free 24-hour case assessment with CryptoLeek +
Tell us what happened. A senior analyst reads your file within 24 hours and replies with an honest yes/no/conditional on recovery. The assessment is free. If we cannot recover the funds we say so plainly, including which (free) regulator channel you should use instead. If we accept the case, we open a numbered case file and issue a written quote for a flat investigation retainer before any work begins, scoped to case complexity, the jurisdictions involved, and the on-chain trail.
Trace your funds on-chain with our analysts +
We trace stolen crypto across BTC, ETH, EVM L2s, Solana, Tron, and major stablecoins using the same toolchain as regulators and tier-1 exchange compliance teams. The output is a forensic report anchored to specific transaction hashes and block heights, the evidence that exchanges, payment processors, and counsel actually act on. Recovery starts here.
Recover with counsel where civil action makes sense +
Where the trace lands in a jurisdiction with cooperative banks and courts, we coordinate with bar-licensed counsel in our 40+ jurisdiction network for civil action and asset-freezing orders (Mareva-style). Counsel bill you directly; the CryptoLeek investigation retainer is independent of counsel fees. The outcome is funds released back to your nominated wallet or bank account.