Never ever expose your secret phrase

The 12 or 24 words secret phrase is the most important piece of data you need to take care about. Keep it in a safe and secure place. Never expose your secret phrase!

Twitter or Telegram customer support DM scams are the most present ones. Scammers watches the organisation customer support on Twitter or Telegram and injects themselves into the conversation at opportune moments. Scammers are emphatic about keeping the recovery phrase safe. They just want to gain your trust first, but their main goal in the end is to get your secret phrase. Once there is enough level of trust build, the scammer will start to persuade you to apply or join a “too good to be true” promotion or a giveaway, but once you start to engage with that through a link you will typically land into a phishing page where the secret phrase is stolen.

Please bear in mind that whoever possesses the secret phrase, holds the access to your wallet and all your funds. If you hold a lot of coins, it would clearly be disastrous for you. Below you can find a scam to make you aware of the risks. This is by no means an exhaustive example but it gives an indication of the many scams taking place. Do not fall into it!

It all starts with a DM on social media

If you receive something like this, treat it with cautions and be vigilant. The best approach would be to ignore it and report it.

In case you will click on that link, the websites look and feel of a legitimate business and their false claims of being affiliated with a trustworthy entity or service will make it very hard for you to spot the scam and there is a high probability to fall into it.

The fake websites look and feel of a legitimate business

In case you land into this kind of website, you can sill have some tools which would help you to assess whether this is a scam or a trustworthy page. (1) No two websites can ever have the same URL. Scammers hope to get around this by making their fake website’s URL very similar to the real service. Check the page URL and try to spot typos or discrepancies. Or (2) in this specific example they used a github.io subdomain page, which can be even more difficult to assess. Therefore if it doesn't make sense or you simply suspect something, just get out from that page.

At the end they will ask for the secret phrase

If you reached this point, you need to be in high alert mode since you are asked to fill the secret phrase. The 12 or 24 words secret phrase is the most important piece of data you need to take care about. Keep it in a safe and secure place. Never expose your secret phrase! Otherwise you will lose access to all your funds and suffer a permanent loss.

Only use URLs from official sources. You could also use databases that list known phishing URLs and point you to legitimate ones. One such database is cryptoscamdb.org

How to keep your crypto secure?

Secret phrases, passwords, pass codes, pass phrases, pass-whatevers are meant to be secrets, and they aren’t secrets anymore if you expose them. Keep them in a safe and secure place. No true business will ever ask for your secret phrases or private keys, therefore don’t give them out. It’s the surest way to lose control of your wallet. Prevent falling victim, because once the scammers have your secret phrase, they got your crypto assets too. You almost certainly won’t be able to recover it.

Let's talk

Please feel free to get in contact with us. We are always open to receive feedback. As well, don’t hesitate to let us know if something doesn’t work as it should.