phishing
Phishing is a social engineering attack where a scammer impersonates a trusted entity to trick someone into revealing private keys, seed phrases, or login credentials.
Phishing attacks targeting Bitcoin users typically involve fake websites, emails, browser extensions, or mobile apps designed to look identical to legitimate services. A user who enters their seed phrase or private key into a phishing site hands the attacker complete and irreversible control over their funds. Unlike bank account fraud, there is no chargeback mechanism in Bitcoin. Once a private key is stolen, the funds can be moved instantly and there is no authority to appeal to for recovery.
Common phishing vectors include fake wallet apps in app stores, lookalike domains (for example, "bItc0in.org" instead of "bitcoin.org"), emails claiming an account has been suspended, browser extensions that intercept clipboard data to replace copied addresses, and social media accounts impersonating well-known figures. QR codes shared in public forums have also been used to redirect payments to an attacker's address. Scammers frequently use urgency as a lever, claiming limited-time offers, security alerts, or giveaway promotions to pressure users into acting without verifying.
The most reliable defense against phishing is to verify before you act. Bookmark the official URLs of services you use regularly and only access them from those bookmarks. Never enter a seed phrase or private key into any website or app under any circumstances: no legitimate service will ever ask for it. Enable two-factor authentication on exchange accounts where possible. When copying a bitcoin address, verify at least the first and last several characters after pasting, since clipboard-hijacking malware is a real and documented threat.
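The bookmark advice and the "bItc0in.org" lookalike described above can be turned into a small check, shown here as an added example that is not part of the original entry. The bookmark set and the substitution table are constructed for illustration, and the table is a small subset that does not cover non-ASCII homoglyphs.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the user's own bookmarks (assumption).
BOOKMARKED_HOSTS = {"bitcoin.org"}

# Illustrative subset of look-alike substitutions, not an exhaustive table.
# Multi-character pairs are folded first so "rn" is not split up.
FOLDS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"),
         ("i", "l"), ("5", "s"), ("3", "e"))


def host_of(url: str) -> str:
    """Return the lower-cased hostname of a URL or of a bare host string."""
    if "://" not in url and not url.startswith("//"):
        url = "//" + url  # let urlsplit treat a bare host as a netloc
    return (urlsplit(url).hostname or "").rstrip(".")


def skeleton(host: str) -> str:
    """Collapse visually similar characters so look-alikes compare equal."""
    for seen, folded in FOLDS:
        host = host.replace(seen, folded)
    return host


def classify(url: str, bookmarks=BOOKMARKED_HOSTS) -> str:
    """Return 'bookmarked', 'lookalike' or 'unknown' for the URL's host."""
    host = host_of(url)
    # Exact match or a subdomain of a bookmarked host is accepted.
    if any(host == good or host.endswith("." + good) for good in bookmarks):
        return "bookmarked"
    # Same skeleton as a bookmarked host, but different bytes: a look-alike.
    if any(skeleton(host) == skeleton(good) for good in bookmarks):
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ("https://bitcoin.org/en/", "https://bItc0in.org/en/",
                   "https://example.com/"):
        print(f"{sample:28} {classify(sample)}")
```

An "unknown" result means only that the host is not in the bookmark set; it is not a statement that the site is safe.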