Phishing (Crypto)
A scam that tricks people into revealing crypto wallet keys, seed phrases, passwords, or approvals so attackers can steal funds.
Phishing in crypto is a type of scam where an attacker impersonates a trusted service, wallet, exchange, project, or support agent to trick someone into giving up access to their assets. The goal is often to steal a seed phrase, private key, login code, or to get the victim to sign a malicious wallet transaction. Because crypto transactions are typically irreversible and wallets can be self-custodied, a successful phishing attempt can quickly drain funds with little chance of recovery.
Common examples include fake exchange login pages, imitation wallet pop-ups, fraudulent airdrop claims, and direct messages pretending to be customer support. A phishing site may look almost identical to the real one, but its purpose is to capture credentials or prompt a dangerous approval, such as granting a scam contract permission to spend tokens. A useful comparison is a fake bank email, but in crypto the attacker may not need your password if they can get your seed phrase or a signed approval.
Other terms in Wallets & Security
Address Poisoning
A wallet scam where attackers plant lookalike addresses in your transaction history so you might copy the wrong recipient later.
Approval Phishing
A scam that tricks users into granting a malicious wallet or smart contract permission to spend tokens from their wallet.
BIP-39
A standard for turning wallet backup data into a human-readable seed phrase, usually 12 or 24 words.
Crypto Wallet
A tool that stores and manages the private keys needed to access and use cryptocurrency on a blockchain.