Security & Privacy

Phishing (Crypto)

A social engineering attack where scammers impersonate legitimate projects or exchanges to steal wallet credentials or seed phrases.

Phishing (Crypto) — Phishing in cryptocurrency is a social engineering attack where scammers impersonate legitimate projects, exchanges, or individuals to trick victims into revealing private keys, seed phrases, or signing malicious transactions that drain their wallets.

How It Works

Crypto phishing attacks use multiple vectors to reach victims. The most common include fake websites that mimic real DeFi protocols or exchanges, malicious links shared via Telegram, Discord, Twitter, or email, and counterfeit wallet pop-ups that request seed phrase entry. Advanced phishing attacks may use compromised DNS records to redirect traffic from legitimate domains to attacker-controlled servers.

A particularly dangerous variant is transaction phishing, where a victim is tricked into signing a seemingly harmless transaction that actually grants the attacker token approvals or transfers assets. Modern phishing sites often present a realistic-looking swap or claim interface, but the underlying transaction data contains malicious contract calls. Once signed, these transactions are irreversible.

Phishing campaigns in crypto are highly targeted and timely. Attackers monitor project announcements and immediately create fake airdrop claim sites, fake customer support accounts, and fraudulent migration portals within minutes of a legitimate announcement.

Why It Matters

Phishing is the single largest cause of individual crypto losses, exceeding even smart contract exploits in total value stolen. Unlike protocol hacks that may be partially recovered through governance votes or insurance, phished funds are almost never returned because they are immediately laundered through mixers and cross-chain bridges.

Even experienced traders fall victim to sophisticated phishing. Bookmark legitimate sites, verify URLs character by character, never enter your seed phrase on any website, and use hardware wallets that display transaction details on a trusted screen before signing. Treat every unsolicited DM, email, or link as potentially malicious.

Real-World Example

A trader receives a Discord DM appearing to be from a popular NFT project, claiming they won a whitelist spot. The link leads to a site that looks identical to the project's official minting page. When the trader clicks "Mint," their wallet prompts a transaction — but instead of a mint function, the transaction calls setApprovalForAll, granting the attacker permission to transfer all NFTs from the victim's wallet. Within seconds, the attacker sweeps every valuable NFT and lists them for sale.

Related Terms

Blockchain & Crypto Fundamentals

Private Key

A secret cryptographic string that grants full control over a wallet's funds; losing it means losing the wallet permanently.

Read definition Blockchain & Crypto Fundamentals

Seed Phrase (Mnemonic)

A 12- or 24-word human-readable backup of a wallet's private key, used to restore access to a wallet on any device.

Read definition DeFi & AMM

Smart Contract

Self-executing code stored on a blockchain that automatically enforces the terms of an agreement without intermediaries.

Read definition Security & Privacy

Social Engineering (Crypto)

Manipulating people into revealing private keys or approving malicious transactions through fake support, giveaways, or impersonation.

Read definition Security & Privacy

Drainer (Crypto Scam)

A malicious smart contract or phishing tool designed to steal all tokens and NFTs from a wallet upon approval.

Read definition

Frequently Asked Questions

Common questions about Phishing (Crypto) in cryptocurrency and DeFi.

How can I identify a crypto phishing attempt?

Check the URL carefully for misspellings or extra characters, verify announcements through official channels before clicking links, never share your seed phrase with anyone, and be suspicious of urgent or too-good-to-be-true offers. Legitimate projects will never DM you first or ask for your private keys.

Can a hardware wallet protect me from phishing?

A hardware wallet adds a layer of protection by requiring physical confirmation and displaying transaction details on its screen. However, if you approve a malicious transaction on your hardware wallet without carefully reviewing the details, your funds can still be stolen. Always verify the contract address and function being called.

What should I do if I clicked a phishing link?

If you signed a transaction, immediately revoke all token approvals using Revoke.cash and transfer remaining assets to a new wallet with a different seed phrase. If you entered your seed phrase, create a new wallet immediately and transfer all assets before the attacker can act. Report the phishing site to the community and relevant platforms.

Ready to put your knowledge into practice?

Start Boosting