XRPL Labs has issued an urgent security advisory to the XRP community amid a rise in sophisticated online scams. Founder Wietse Wind reported multiple cases involving phishing campaigns, fake applications, and impersonation attempts. The warning stressed that engaging with these fraudulent channels could result in immediate loss of funds.
Wietse Wind stated that scammers are targeting users through emails, fake social media accounts, and direct messages imitating XRPL Labs. These messages often reference false “service interruptions” or promote a non-existent “Xaman desktop client.” He confirmed, “There is no official desktop client or browser extension for Xaman.”
Attackers redirect users to malicious websites or prompt downloads of harmful files. They also attempt to trick users into revealing secret keys or recovery phrases. Once acquired, these details allow criminals to drain entire XRP accounts.
Warning!!
DANGER!!
Scammers are sending emails about interruptions & Xaman desktop clients
THIS IS FAKE! THIS IS SCAM! THEY TRY TO STEAL YOUR FUNDS!
There are no interruptions. THERE IS NO DESKTOP CLIENT. WE DO NOT SEND EMAILS
Only trust our App & our support in the app pic.twitter.com/kw2ZlvgNTY
— WietseWind (
@ Xaman®, XRPL & Xahau) (@WietseWind) August 11, 2025
Reports indicate that counterfeit tokens and web wallets are also being distributed. Scammers use XRPL-related branding to gain user trust quickly. As a result, unsuspecting users are more likely to interact with fraudulent platforms.
XRPL Labs has clarified that its design deliberately avoids desktop and browser-based transaction signing. The company cited significantly higher risks in those environments. The official Xaman wallet operates exclusively as a mobile application.
Wind emphasized that XRPL Labs does not send unsolicited emails or out-of-app support messages. All genuine assistance is provided directly within the mobile application. Users can verify authenticity through XRPL Labs’ published list of communication channels.
Community members are advised to treat any external message as potentially dangerous. They should avoid clicking unfamiliar links or installing unverified software. Even urgent-sounding service alerts must be confirmed within the official Xaman app.
The advisory stressed that security responsibility begins with each user. XRPL Labs urged holders to report impersonation accounts, phishing attempts, and suspicious links. These reports should be made both to the hosting platform and through official XRPL support.
Maintaining asset safety requires exclusive use of official XRP Ledger products and channels. Engaging with unverified sources exposes accounts to immediate compromise. Therefore, users should never share recovery information under any circumstances.
Wind’s statement highlights the growing risks as XRP adoption expands. Holders can prevent unauthorized access by staying within verified XRPL environments, which remain the most reliable defense against evolving online scams.
The post Founder of XRPL Labs Warns of Rising Threat Targeting XRP Holders appeared first on Blockonomi.
