Phishing
What is phishing?
Phishing is a method of fraud where scammers impersonate well-known services to steal your login credentials, private keys, or seed phrase.
To access users' funds, scammers use various tactics:
Fake Websites
They look almost identical to the real ones, with minor domain differences (e.g., mytonwallett.io instead of mytonwallet.io).
Fake Support
Scammers pretend to be support staff offering "help" with your issues—real or not.
Fraudulent Bots
Bots in Telegram or other services ask for personal details or lead you to suspicious links.
Hidden Hyperlink Substitution
A link might look legit — like — but actually redirect to a fake one, such as t.me/myappnotscam.
Always double-check the real destination. On desktop, hover your cursor to preview the link. On mobile, tap and hold to reveal where it leads.
How it works?
Here's that scammers do:
Building Trust
They create a sense of urgency, warn users about potential risks, or offer free help with account problems.
Stealing Data
Users are redirected to a fake site or form, or asked to share login details or sign a malicious transaction.
Withdrawing Funds
Once the scammer gains access, they withdraw users' funds immediately.
How to protect yourself from phishing?
Always check the domain of the site and the support accounts you're dealing with.
Don’t click suspicious links in emails or messages.
Avoid downloading files or apps from untrusted sources.
Enable 2FA for your accounts whenever possible.
Never share your seed phrase with anyone.
Remember
If an offer sounds too good to be true, it probably is.
Stick to basic security rules to protect your funds.
Last updated