Scam Alert

If you feel rushed — stop.

Scammers don’t win by being smart. They win by making you act fast. If anyone is pressuring you to pay right now, share a code, or install remote access — treat it as a scam until you verify it yourself.

You don’t need to click anything on this page. Use it as a checklist while you verify. Jump to: What to do now, Verify QIX, Report.
Rule 1
Never pay through DMs, texts, or “support chats” you didn’t open yourself.
Rule 2
Never share one-time codes (MFA), recovery phrases, or password reset links.
Rule 3
Never install remote access from an unverified person. That’s how accounts get emptied.
What to do now

Two minutes. Zero emotion.

Don’t argue. Don’t negotiate. Don’t “finish the conversation.” Your goal is containment and proof.

If you are in immediate danger, contact local emergency services.
1) End contact

Close the chat. End the call. Stop replying. Scammers keep you talking to keep you compliant.

  • Do not install anything.
  • Do not share screen.
  • Do not click “verification” links from them.
2) Capture evidence

Screenshot the entire thread: names, emails, phone numbers, domains, receipts, wallet addresses.

  • Save the exact URL (copy/paste).
  • Write a 3-line timeline: what happened + when.
  • Keep transaction IDs if money moved.
3) Lock the “master keys”

Start with email and banking. Those are the keys that unlock everything else.

  • Change email password first.
  • Enable MFA (auth app preferred).
  • Remove forwarding rules you didn’t set.
4) Freeze the money path

If you paid by card/bank: call your bank now. If you paid by crypto: report anyway (speed matters).

  • Ask about chargeback/fraud process.
  • Flag the merchant / recipient.
  • Keep your report numbers.
Patterns

Their playbook is predictable.

This section is awareness — not instructions. The goal is to recognize the pattern early and exit.

The domain is usually “nearly correct” (extra dash, swapped letters, different ending). Verify by typing the address yourself and comparing character-by-character.
“Pay in 10 minutes or you lose access” is a control tactic. Legit support doesn’t force panic payments. Pressure is the red flag.
Remote tools let them intercept passwords, capture MFA, and move money. Real professionals can often diagnose without demanding control of your device.
They push irreversible methods (crypto, wire, gift cards). Safer rule: pay only through the official checkout inside the official site (or the verified provider portal).
Fear keeps you in the conversation. You don’t owe an unverified person anything. End contact, document, and report through official channels.
Verify

Verify official QIX links.

The only safe move is independent verification. Type it yourself. If the link you received is different by even one character — don’t proceed.

Tip: Open the menu (top right) for the official links list site-wide.
Official domains
qix.studio

This is the only official QIX website domain. Spelling must be exact.

qixstudio.outseta.com

QIX uses an official Outseta portal for login/checkout. Verify the full URL bar before entering anything.

Official QIX pages

These are safe pages to compare against. If you were sent a different path — treat it as suspicious.

If you still feel unsure, don’t pay. Contact support from the official site menu.

Report

Report it — official portals.

Reporting quickly can help with investigations and recovery. Use your region’s official reporting site.

Other regions (EU / AU / NZ): open your national cybercrime portal or consumer protection agency. If you’re unsure where to start, Europol keeps a country list: Europol — report cybercrime online.
Recovery

If you already paid or shared info.

You still have moves. The goal is containment + documentation — in that order.

Priority: email → banking → password manager → everything else.
Contain
  • Change your email password first.
  • Enable MFA on email + payments.
  • Sign out other sessions/devices.
  • Remove unknown apps with access.
Document
  • Save receipts, transaction IDs, emails, chat logs.
  • Screenshot the domain + page + profile.
  • Write a simple timeline (timestamped).
Notify
  • Call your bank/card issuer immediately.
  • File reports (IC3/Action Fraud/etc.).
  • Ask for a case/report number.
Harden
  • Use unique passwords (password manager).
  • Prefer authenticator app over SMS where possible.
  • Verify domains before you click. Always.
Need a second opinion?

If something feels off, pause and ask.

Don’t pay until you verify the domain and path. If you want help verifying a message or link, contact QIX from the official site.

Open Support
(Support link is also in the header menu.)