Security · Question 2 of 8

What are phishing and fake websites?

Phishing tricks you into entering secrets — keys, seed phrases, or logins — on sites or messages that imitate trusted ones. Fake websites and apps are built specifically to capture that information.

How it works

Attackers create convincing copies of real sites, exchanges, or wallet apps, then drive you there via links in emails, ads, messages, or search results. Once you enter your details, they're captured.

How to avoid it

  • Navigate to important sites by typing the address yourself or using saved bookmarks.
  • Never enter your seed phrase on any website.
  • Be suspicious of links in messages, ads, and unexpected emails.
  • Check for subtle misspellings in addresses and domains.
Why it matters

Phishing is the delivery mechanism behind a huge share of losses. Good link hygiene neutralizes most of it.

A practical way to picture it

It's a counterfeit storefront with the real shop's sign out front — everything looks right until you hand over your keys.

Risks & common mistakes
  • Entering a seed phrase on a phishing site = total loss.
  • Sponsored search results can lead to fake sites.
  • Look-alike domains differ by a single character.
Put it into practice

Rehearse safely in the Wallet Simulator

Open ›

Related questions

Common crypto scamsRead answer ›Dangerous wallet approvalsRead answer ›What is a seed phrase?Read answer ›

Last reviewed 2026-06-25. This topic can change over time; always confirm current specifics from primary sources.

‹ What are the most common crypto scams? ↑ Return to Core Dangerous wallet approvals ›