Solana users are reporting a wave of fake CJUP tokens landing in wallets as part of a scam impersonating Jupiter. The setup is simple: an unsolicited token using Jupiter-style branding appears out of nowhere, then its metadata points users to a supposed promotion or claim page.
The token itself is the bait. The real danger starts if someone follows that link, connects a wallet, and approves prompts on a phishing site, because that is where scammers can gain the permissions needed to drain funds.
If a token shows up unexpectedly, even with a familiar name or logo, the link inside the listing should not be trusted. Jupiter’s official channels should be used for verification, and navigation there should be direct.