How to Report a Scam on TronScan and TRON Network
If you lost USDT to a phishing site, fake approval, or fraudulent OTC deal on TRON, reporting helps protect the next victim — even when your own funds cannot be recovered on-chain. TronScan and ecosystem partners maintain reporting channels for malicious addresses and contracts.
This guide explains how to document evidence, report through TronScan, escalate to exchanges, and set realistic expectations about recovery.
What reporting can and cannot do
Reporting can:
- Flag addresses on explorers so wallets show warnings
- Help exchanges freeze deposits to known scam addresses
- Build public databases used by analytics firms
- Support law enforcement cases with structured evidence
Reporting cannot:
- Reverse confirmed TRON transactions
- Force attackers to return funds
- Guarantee exchange cooperation across jurisdictions
Act quickly anyway — scammers move USDT through exchanges within minutes.
Step 1: Document on-chain evidence
Gather from TronScan:
| Item | Where to find |
|---|---|
| Your wallet address | Your TronLink receive screen |
| Scammer address(es) | Outgoing transfer recipient |
| Transaction hashes (txid) | Transaction detail pages |
| Token contract | If fake USDT involved |
| Spender contract | If approval drain — Approvals tab |
| Timestamps (UTC) | TronScan transaction time |
Export CSV or screenshot each page. Include full URLs, not cropped images.
Also save:
- Phishing website URL (archive with archive.org if possible)
- Chat logs with scammer (Telegram, WhatsApp)
- Exchange account emails if account compromise involved
Step 2: Report on TronScan
- Open the scammer's address or contract page on TronScan.
- Look for Report, Flag, or feedback options (UI may vary by TronScan version).
- Select category: phishing, scam token, hack, etc.
- Paste evidence summary and transaction hashes.
Repeat for each distinct address in the chain (attacker, forwarding wallets, fake token contract).
For fake USDT tokens, report the token contract — not just the sender address.
Step 3: Report phishing infrastructure
| Target | Action |
|---|---|
| Phishing domain | Registrar abuse report, Google Safe Browsing |
| Fake TronLink extension | Chrome Web Store report |
| Fake mobile app | App Store / Play Store report |
| Malicious Telegram bot | Telegram abuse report |
Include the domain and screenshots showing wallet connect prompts.
Step 4: Contact exchanges
If stolen USDT landed on a known exchange deposit address:
- Identify exchange via blockchain analytics (TronScan labels, community tools) or deposit address patterns.
- Open exchange support ticket immediately.
- Provide tx hashes, scam timeline, police report number if available.
- Request deposit freeze for attacker account.
Success varies. Exchanges often need law enforcement requests for account details — still worth filing early.
Step 5: Law enforcement and recovery services
For large losses:
- File cybercrime report in your jurisdiction
- Provide structured evidence packet (hashes, addresses, USD value at time of theft)
- Avoid "recovery services" that cold-call victims — many are second-order scams
Legitimate investigators exist but charge fees and rarely guarantee results. Never pay upfront to unknown "hackers."
Prevention for next time
Community reporting channels
Beyond TronScan, share evidence in TRON community forums and social channels so others can block addresses in their wallets. Never pay "recovery services" that contact you after a report — they are often secondary scams. Document everything before funds move through mixers or bridges where tracing becomes harder.
Building an evidence package
Organize reports chronologically: (1) how you discovered the scam, (2) what you signed or shared, (3) outbound transactions with timestamps, (4) current status of funds. PDF exports from TronScan carry more weight with exchanges than screenshots alone. Include USD valuation at time of loss using historical price data — investigators need this for case prioritization.
Law enforcement requests may ask for IP logs from your ISP if phishing occurred via website — preserve browser history and DNS records where legally permissible.
Related guides
FAQ
Will reporting on TronScan recover my stolen USDT?
No. Reporting helps warn other users and may assist exchanges in blocking addresses. On-chain transfers are irreversible.
What information should I include in a scam report?
Scammer TRON addresses, transaction hashes, phishing URLs, screenshots with timestamps, and a short timeline of what happened.
Should I report dust poisoning addresses?
Yes, if TronScan supports flagging. Low priority but helps pattern detection.
Can I report before losing funds?
Yes. Report phishing domains and suspicious contracts you discover during due diligence — proactive reports save others.
Does Tether freeze scam USDT?
Tether can freeze USDT at the contract level for law enforcement requests in some cases. Contact law enforcement — not Tether directly as an individual — for official channels.
Thanks — your feedback helps us improve the docs.