Phishing is a social engineering attack where a scammer impersonates a trusted person, company, or service to trick someone into revealing sensitive information or sending funds. In crypto, phishing commonly targets exchange logins, seed phrases, private keys, and two-factor authentication codes, information that can give an attacker direct control over a wallet.
How phishing works in crypto
Phishing typically arrives through email, direct messages, SMS texts, social media, or search ads that lead to lookalike websites. A victim might receive a message claiming their exchange account is “locked” and be prompted to click a link to “verify” their identity. The link may open a clone of a legitimate login page, capturing usernames, passwords, and authentication codes. In other cases, attackers pose as wallet support staff and ask for a seed phrase to “restore” access. Because seed phrases and private keys are the master credentials to a wallet, sharing them often results in irreversible theft.
Crypto phishing also appears inside broader investment scams. For example, fraudsters may promise high returns, then direct users to a fake dApp or “staking” site that requests a wallet connection and approval. The site may trick users into signing a malicious transaction that grants permission to transfer tokens, or it may install malware that searches for wallet data.
Common forms and why it is effective
Phishing can be broad, sent to many people at once, or highly targeted, in which case it is known as spear phishing. Variants include vishing, which uses phone calls or VoIP, and smishing, which uses text messages. These attacks work because they exploit urgency, authority, and familiarity rather than breaking cryptography.
Phishing matters in the crypto ecosystem because blockchain transactions are difficult to reverse and users often act as their own bank. Protecting credentials, verifying URLs, and treating unsolicited “support” requests with skepticism are essential habits for keeping digital assets safe.
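The URL verification habit above, and the lookalike websites described earlier, can be partly automated. The following is an added example, not code from the original page: it classifies a link's hostname against an allowlist. The allowlist domains, the function names, and the sample URLs are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: placeholder domains, not real services.
TRUSTED = {"exchange.example", "wallet.example"}

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'unknown' or 'suspicious:<reason>' for a link."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "unknown"
    # "https://trusted-name@other-host/" shows a trusted name before the real host.
    if parts.username is not None:
        return "suspicious:userinfo"
    if host in TRUSTED or any(host.endswith("." + t) for t in TRUSTED):
        return "trusted" if parts.scheme == "https" else "suspicious:not-https"
    labels = host.split(".")
    # Non-ASCII or punycode labels can render as visually identical letters.
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "suspicious:idn"
    for t in TRUSTED:
        # Trusted name used as a prefix or substring of a different domain.
        if t in host:
            return "suspicious:embedded"
        # One or two character edits away from a trusted domain.
        tail = ".".join(labels[-len(t.split(".")):])
        if 0 < edit_distance(tail, t) <= 2:
            return "suspicious:typo"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample links.
    for u in ("https://exchange.example/login", "https://exchamge.example/login"):
        print(u, "->", classify(u))
```

A result of "unknown" only means the host resembles nothing on the allowlist; it is not a statement that the site is safe.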