TL;DR:
- David Schwartz warned XRP Ledger users about escalating scams involving fake XRP giveaways, wallet-draining airdrops, impersonation accounts and AI deepfakes across social platforms.
- Ripple does not conduct free XRP giveaways, while fraudulent promotions can push users toward malicious websites, wallet connections or seed phrase exposure.
- Schwartz also flagged a Windows BitLocker vulnerability, while April’s $635 million across 28 DeFi hacks underscored the broader security climate for crypto users this cycle.
Ripple CTO Emeritus David Schwartz warned XRP Ledger users about a sharper wave of scams targeting asset holders across social platforms and messaging apps. The alert focused on fake XRP giveaways, wallet-draining airdrops, impersonator accounts and AI deepfakes, all feeding on urgency around XRP activity. The unsettling part is that the playbook is not especially new. Attackers are instead scaling familiar psychological traps with better timing, broader reach and more convincing personas. That pressure turns routine verification into a frontline control for retail holders under pressure. For users, the risk has moved from obvious spam toward coordinated deception, where one careless wallet connection or exposed seed phrase can convert curiosity into permanent loss.
SCAM ALERT: There has been a huge escalation lately in airdrop and giveaway scams targetting XRPL users lately. Any such posts you see are likely scams.
Anyone claiming to be me on Instagram, Telegram, or almost anywhere else is likely a scammer.
Stay safe XRP fam.
— David 'JoelKatz' Schwartz (@JoelKatz) May 14, 2026
XRP Users Face Airdrops, Impersonators and Deepfakes
The warning draws a firm line around token promotions. Ripple does not run free XRP giveaways, and posts claiming otherwise on behalf of the company or its executives should be treated as scams. Fraudulent airdrops typically push users toward malicious websites, where victims may be asked to connect wallets or surrender recovery phrases. That makes the giveaway hook a direct custody threat, not merely misleading marketing. In a self-custody environment, the transaction boundary is unforgiving: once permission or secret data leaves the user, recovery options narrow quickly.
Impersonation adds another layer of complexity. Fake Schwartz accounts have appeared on Telegram, Instagram and other platforms, while his verified presence is limited to X and LinkedIn. That distinction matters because scammers exploit the social credibility of known executives to lower skepticism before making a request. The tactic is simple, but brutally effective. Identity trust is being weaponized against the XRP community, especially when messages arrive in private channels where users may feel targeted, selected or rushed into action before cross-checking the source.
The threat environment extends beyond social engineering. Schwartz also flagged a Windows BitLocker vulnerability described as capable of bypassing disk encryption through a standard USB port, putting locally stored private keys at risk. At the same time, past AI-generated deepfakes featuring Ripple CEO Brad Garlinghouse show how synthetic media can amplify false urgency. April’s $635 million in losses across 28 DeFi hacks adds a wider security backdrop, even though those incidents were not social-engineering attacks. The practical message is layered security, with users needing verified channels, cold-storage discipline, device hygiene and skepticism toward anything promising free XRP.
