How the scam operates.
ドメインcontribute-status.imは、status.imのもとで運営される著名なEthereumのメッセージング兼ウォレットプロジェクトであるStatus Networkの公式ポータルに似せて構築されています。接頭辞「contribute-」と.imトップレベルドメインの組み合わせは、寄付ラウンド、ステーキングダッシュボード、トークン配布イベントといった正規の参加メカニズムを模倣し、実際には有していない関連性を暗示することで、当該サイトに見せかけの信頼性を付与しています。
被害者は通常、ソーシャルメディアの投稿やメッセージングプラットフォーム上の告知を通じて当該ドメインへ誘導され、約束された報酬や割当と引き換えに、非カストディアル型ウォレットを接続するか、トークンを預け入れるよう指示されます。当該サイトはウォレットの署名を取得し、または承認トランザクションを実行することで、運営者に資産の管理権限を付与します。正規プロジェクトの名称空間との類似性により、被害者がトランザクションを承認する前に行う精査の度合いが低下します。
期待していた報酬が実現しない場合、または操作の直後にウォレットから資産が抜き取られた場合に、その破綻が明らかになります。本来のプロジェクトへ連絡を試みても、当該ポータルが認知されることはありません。その時点で当該ドメインは通常オフラインとなっているか、別の場所へリダイレクトされており、サポート窓口も、名前の判明した運営者も、送金先のウォレットアドレス以外に回収可能な取引相手も残されていません。
Red flags we documented.
- 01Domain engineered to impersonate a legitimate project’s namespaceThe construction of contribute-status.im, pairing a community-participation prefix with the .im TLD, is designed to be visually indistinguishable from an official Status Network sub-brand. Legitimate projects do not route contribution or staking activity through lookalike domains.
- 02Blacklist listing with no corresponding authorised registrationCryptoScamDB flagged this domain as a confirmed-scam entry in its public blacklist. No announcement or endorsement from the genuine Status Network project has been documented, confirming the domain has no authorised affiliation.
- 03Approval-phishing pattern consistent with wallet-draining operationsPortals of this type routinely request ERC-20 approval transactions. A single approval signature can grant an operator unlimited access to specific token balances, with victims unaware until well after the interaction.
- 04No identified operator, legal entity, or support channelOperations built on impersonation infrastructure typically have no named team, no registered entity, and no support mechanism. The absence of any accountable party is a structural feature that limits recourse once assets are transferred.
- 05Short-lifecycle infrastructure signals opportunistic deploymentDomains of this architecture are routinely deployed for brief campaigns timed around token events or airdrops, then abandoned. Rapid deactivation after extraction is consistent with coordinated phishing activity rather than any legitimate service.
What you can do now.
Open a free 24-hour case assessment with CryptoLeek +
Tell us what happened. A senior analyst reads your file within 24 hours and replies with an honest yes/no/conditional on recovery. The assessment is free. If we cannot recover the funds we say so plainly, including which (free) regulator channel you should use instead. If we accept the case, we open a numbered case file and issue a written quote for a flat investigation retainer before any work begins, scoped to case complexity, the jurisdictions involved, and the on-chain trail.
Trace your funds on-chain with our analysts +
We trace stolen crypto across BTC, ETH, EVM L2s, Solana, Tron, and major stablecoins using the same toolchain as regulators and tier-1 exchange compliance teams. The output is a forensic report anchored to specific transaction hashes and block heights, the evidence that exchanges, payment processors, and counsel actually act on. Recovery starts here.
Recover with counsel where civil action makes sense +
Where the trace lands in a jurisdiction with cooperative banks and courts, we coordinate with bar-licensed counsel in our 40+ jurisdiction network for civil action and asset-freezing orders (Mareva-style). Counsel bill you directly; the CryptoLeek investigation retainer is independent of counsel fees. The outcome is funds released back to your nominated wallet or bank account.