Phishing
What is Phishing?
Phishing is a type of fraud where criminals impersonate representatives of well-known services to deceitfully obtain your confidential data: logins, passwords, private keys, or seed phrases.
To achieve this, scammers use various tactics:
Fake websites. They look like the original, but the domain is slightly different (for example: mytonwallett.io instead of mytonwallet.io).
Fake support. Scammers pose as customer service and offer "help" with a problem—real or fabricated.
Fraudulent bots. In Telegram and other services, these bots may request your personal data or ask you to click on fake links.
What do scammers do next?
Establish contact
They create a situation where the victim trusts the scammer. This could be an urgent warning about the risk of losing funds, a message about "suspicious activity," or an offer to resolve an account issue.
Collect data
Scammers redirect the victim to a fake website or form to fill in personal information or ask for these details directly. Here, users may be asked for their login and password, seed phrase, to sign a malicious transaction, or to confirm their identity.
Steal funds
After obtaining the data, scammers withdraw funds or use your account for further attacks.
How to protect yourself from phishing?
Always double-check the website address or account authenticity.
Do not click on suspicious links from emails or messengers.
Never share your seed phrase or private key with anyone—customer support does not need this information to assist you.
Do not download files or apps from untrusted sources.
Enable two-factor authentication (2FA) for extra protection of your accounts.
Remember
If an offer sounds too good to be true, it probably is.
Stick to basic security rules to protect your funds.
Never share your seed phrase with anyone.
Last updated