Get Started Wallets Trading Security DeFi Staking NFT Glossary About
Home/Security/Phishing Protection

Phishing Protection Guide

Essential 12 minutes 4 steps
0% Complete

Phishing is the #1 way crypto gets stolen. Learn to spot these attacks before you lose everything.

Step 1

Identifying Phishing Attempts

Common Phishing Tactics:

  • Fake websites - Look identical to real sites but steal your info
  • Scam emails - Pretend to be from exchanges/projects
  • Discord/Telegram DMs - "Support" reaching out about "issues"
  • Fake Twitter accounts - Impersonating projects/influencers
  • Google ads - Scam sites appearing as ads for real sites

Red Flags:

  • ✗ Urgent language ("Act NOW!", "Your account will be locked")
  • ✗ Requests for seed phrase or private keys
  • ✗ Misspelled URLs (coinbse.com, metamsk.io)
  • ✗ Unsolicited DMs from "support"
  • ✗ Too-good-to-be-true offers
  • ✗ Poor grammar and spelling
The Golden Rule

NO legitimate service will EVER ask for your seed phrase. Not support, not "verification", not ever. Anyone asking is a scammer.

Step 2

Email Safety

Before Clicking Any Email Link:

  1. Check sender's email address (hover to see full address)
  2. Look for generic greetings vs your name
  3. Be suspicious of any urgent requests
  4. Don't click links - go directly to the site instead

Fake vs Real Email Examples:

  • ✗ support@coinbase-security.com (FAKE)
  • ✓ support@coinbase.com (Real)
  • ✗ noreply@metamask-verify.io (FAKE)
  • ✓ Email from metamask.io domain (Real)
The Safe Approach

Never click links in emails. Instead:
1. Open a new browser tab
2. Type the official URL directly
3. Log in and check for any notices there

Step 3

Website Verification

Always Verify:

  1. URL is correct - Check every character
  2. HTTPS padlock - Secure connection
  3. Bookmark official sites - Use your bookmarks, not search
  4. Be careful with search ads - Scammers buy ads for fake sites

Official URLs to Bookmark:

  • MetaMask: metamask.io
  • Coinbase: coinbase.com
  • Uniswap: app.uniswap.org
  • OpenSea: opensea.io
  • Ledger: ledger.com
Google Ads Scam

Scammers buy Google ads for terms like "MetaMask" or "Uniswap". Their fake sites appear at the TOP of search results. Always skip ads and find the real site, or use bookmarks.

Step 4

If You Clicked a Phishing Link

Immediate Steps:

  1. Don't panic - Stay calm and act quickly
  2. Disconnect wallet if still connected
  3. DON'T enter any information if you haven't already
  4. Close the tab immediately

If You Entered Your Seed Phrase:

  1. Create a new wallet immediately on a clean device
  2. Transfer assets from compromised wallet to new wallet
  3. Race against scammers - be faster than them
  4. Never use the compromised wallet again

If You Approved a Malicious Transaction:

  1. Go to revoke.cash
  2. Connect your wallet
  3. Revoke the suspicious approval
  4. Consider moving assets to new wallet
Prevention Is Best

No recovery method is foolproof. The best protection is never clicking suspicious links in the first place. When in doubt, don't click.

Phishing Expert!

You can now spot phishing attacks. Stay vigilant!

Wallet Security
Wallet Security Next: Password Security
Copied to clipboard!