Phishing scams: what to do if you’ve connected your wallet to a malicious website

What is a phishing scam?

A phishing scam lures users to provide or grant access to sensitive information. When phishing scams target crypto wallets, they typically try to:

1. Steal a user’s Recovery Phrase, or
2. Connect the user’s wallet to a malicious smart contract.

These scams often come in the form of an email or text that may look very real or pretend to be from a trusted person or source, a fake website, and/or dapps or NFTs. 

In all cases, the purpose of the phishing attempt is to lure you into providing information that will allow the malicious actor to steal your tokens or funds.

What do I do if I have connected to a malicious website?

If you’ve connected to a malicious website or notice some funds have unexpectedly left your wallet, you should follow these steps:

1. Immediately move your funds to an uncompromised address.
2. Delete your account

Lastly, report the website and alert entities if they are being impersonated.

• Google’s Report Phishing Page

How do I know if I have connected to a malicious website?

1. Check if the URL is legitimate 
   • A malicious website can look similar to a reputable website, but it cannot fake its URL. Open a browser and type in the trusted URL you think you’re visiting; compare that URL to the link you suspect is malicious. If there are differences, don’t visit the malicious URL. 
2. Check the security certificate
   • Click the padlock icon in the address bar to view the site’s security certificate details and ensure they match the legitimate organization’s details.
3. Paste the URL into a search engine and see if it is associated with phishing or scam reports.
4. Consider if you are being offered something too good to be true. Tokens with any real value are rarely, if ever, given out for free.
5. Check your balance and your activity
6. If you notice that your balance is lower than expected and/or your wallet or address on a blockchain explorer shows transactions you don't recognize, investigate the transactions. Have you recently connected to a new dapp or website, signed a transaction, or entered your Recovery Phrase? In that case, you may have connected to a malicious website, and you should take corrective action.

Never enter your  Recovery Phrase unless you completely trust the website or wallet. If anything feels or looks suspicious, then stop and research to confirm the legitimacy and trustworthiness of the website or wallet. 

How do I recover my funds?

Fund recovery is not possible due to the immutable nature of blockchain transactions. To avoid further losses, follow the steps above.

Disclaimer: Users are encouraged to conduct their own research. Valora is a self-custodial wallet and does not assume responsibility for any loss of funds.