Skip to main content

Overview

Phishing in cryptocurrency involves deceptive attempts to steal funds or credentials by impersonating legitimate projects, people, or services. Crypto phishing is particularly dangerous because transactions are irreversible.
Phishing is the most common attack vector in crypto. Always verify URLs, check official announcements, and never share seed phrases.

Types of Crypto Phishing

Website Phishing

  • Fake websites mimicking legitimate projects
  • Often use similar domain names (typosquatting)
  • Clone the UI of popular dApps

Social Engineering

  • Impersonating team members or support staff
  • Fake “verification” or “account issues”
  • Urgency tactics to pressure quick action

Airdrop Scams

  • Unsolicited tokens appearing in wallets
  • Links to “claim” more tokens
  • Interacting triggers malicious contracts

DNS Hijacking

  • Attackers compromise DNS records
  • Legitimate domain points to malicious site
  • Very difficult to detect

Detection Indicators

Red Flags

URL Warning Signs

  • Misspelled domain names (uniswap → un1swap)
  • Extra characters (opensea-claim.com)
  • Different TLD (.io instead of .com)
  • Subdomains used deceptively (uniswap.malicious.com)

Communication Red Flags

  • Unsolicited DMs about “opportunities”
  • Requests for seed phrases or private keys
  • “Limited time” urgency pressure
  • Requests to “verify” your wallet

Transaction Red Flags

  • Unexpected approvals requested
  • Transactions to unfamiliar contracts
  • Higher gas fees than normal
  • Multiple transactions bundled together

API Example

Response indicating phishing:

Protection Strategies

  1. Bookmark official sites - Never click links from messages
  2. Verify announcements - Check official Twitter/Discord for news
  3. Use URL checkers - Our URL Risks endpoint
  4. Enable 2FA - On all exchange and service accounts
  5. Never share seeds - No legitimate service will ever ask
  6. Check contract addresses - Verify against official documentation