How the scam operates.
O eos-io.info foi construído para evocar o consolidado ecossistema do blockchain EOS, mirando usuários já familiarizados com a rede EOS que possam estar procurando por ferramentas oficiais, acesso a wallets, interfaces de staking ou serviços relacionados a tokens. A estrutura do domínio, que substitui o ponto da identidade de marca canônica por um hífen e acrescenta o domínio de topo genérico .info, é uma jogada deliberada de proximidade, projetada para aparecer em buscas ou para parecer plausível quando compartilhada em canais sociais.
A mecânica operacional segue um padrão comum às operações de falsificação de marca no espaço das criptomoedas. Em geral, os visitantes são apresentados a uma interface que reproduz a linguagem visual do projeto genuíno de forma próxima o suficiente para suprimir qualquer desconfiança imediata. O objetivo do operador costuma ser a extração de chaves privadas, frases-semente ou credenciais de plataforma, solicitadas sob o pretexto de conexão de wallet, verificação de conta ou de um processo de airdrop ou resgate de tokens. Uma vez que as credenciais são enviadas, o operador passa a ter controle unilateral sobre quaisquer ativos on-chain associados.
O ponto de falha para as vítimas costuma ser invisível até que os ativos já tenham sido movimentados. Como as transações em blockchain são irreversíveis por concepção, não há mecanismo de contestação ou estorno depois que os fundos são transferidos ou as chaves são comprometidas. As vítimas em geral só descobrem a fraude após tentarem sacar fundos que não existem mais, ou após perceberem que as wallets conectadas durante a sessão foram esvaziadas. Os esforços de recuperação nessa etapa ficam significativamente limitados pela natureza pseudônima dos endereços de destino.
Red flags we documented.
- 01Domain engineered to mirror a recognised blockchain brandThe structure eos-io.info replicates the visual and phonetic identity of a well-known blockchain network by transposing its canonical domain format. This is a textbook brand-proximity construction, intended to exploit navigational error and user trust rather than establish independent legitimacy.
- 02Generic TLD inconsistent with infrastructure claimsLegitimate blockchain infrastructure projects, wallets, node operators, foundation portals, consistently operate under country-code or purpose-specific top-level domains, not unmoderated generic registrations such as .info. The choice of .info is a recurring characteristic of disposable impersonation domains with short operational lifespans.
- 03No documented regulatory standing or organisational identityNo incorporated entity, regulatory filing, or named technical team is documented in connection with this domain. Legitimate platforms operating in the digital-asset space, particularly those handling wallet access or token custody, maintain verifiable organisational presence. The absence of any such record is a material signal.
- 04Confirmed listing on CryptoScamDB blacklistThe domain appears in the CryptoScamDB community blacklist, a collaboratively maintained reference used by wallet software, browser extensions, and investigative researchers to flag addresses with a documented pattern of fraudulent activity. Blacklist inclusion reflects reported harm, not merely suspicion.
- 05Impersonation pattern associated with credential-harvesting operationsDomains that mimic blockchain project identities are disproportionately associated with private-key and seed-phrase harvesting rather than financial-return fraud. This distinction matters for victims: the harm is typically total and immediate, as the operator gains permanent access to on-chain holdings the moment credentials are submitted.
What you can do now.
Open a free 24-hour case assessment with CryptoLeek +
Tell us what happened. A senior analyst reads your file within 24 hours and replies with an honest yes/no/conditional on recovery. The assessment is free. If we cannot recover the funds we say so plainly, including which (free) regulator channel you should use instead. If we accept the case, we open a numbered case file and issue a written quote for a flat investigation retainer before any work begins, scoped to case complexity, the jurisdictions involved, and the on-chain trail.
Trace your funds on-chain with our analysts +
We trace stolen crypto across BTC, ETH, EVM L2s, Solana, Tron, and major stablecoins using the same toolchain as regulators and tier-1 exchange compliance teams. The output is a forensic report anchored to specific transaction hashes and block heights, the evidence that exchanges, payment processors, and counsel actually act on. Recovery starts here.
Recover with counsel where civil action makes sense +
Where the trace lands in a jurisdiction with cooperative banks and courts, we coordinate with bar-licensed counsel in our 40+ jurisdiction network for civil action and asset-freezing orders (Mareva-style). Counsel bill you directly; the CryptoLeek investigation retainer is independent of counsel fees. The outcome is funds released back to your nominated wallet or bank account.