Phishing

Phishing is a social engineering attack in which an attacker impersonates a trusted service — an exchange, wallet provider, mining pool, or support team — to trick users into revealing credentials, private keys, or seed phrases, or into sending funds directly.

Common forms

• Fake websites (typosquatting) — domains that closely mimic legitimate ones (e.g., kryptеx.com using a Cyrillic "е" instead of Latin "e"). The site looks identical to the real one but harvests your login credentials.
• Phishing emails — messages claiming your account is at risk, a payout is pending, or verification is required. Links lead to fake login pages.
• Fake wallet apps — counterfeit mobile or desktop wallet apps published on app stores that steal seed phrases on first launch.
• Fake pool or exchange URLs — shared in forums, Telegram groups, or Discord servers, often targeting miners looking for setup guides.
• Fake support agents — impersonators in social media or messaging apps who ask for your private key or remote desktop access to "fix" an issue.

How to protect yourself

• Verify URLs carefully before entering any credentials. Bookmark legitimate exchanges and pools.
• Never type your seed phrase or private key into any website or app that asks for it. Legitimate services never need it.
• Enable 2FA on all exchange and pool accounts using an authenticator app (not SMS).
• Download software only from official sources — the project's official website, not third-party mirrors.
• Be skeptical of unsolicited contact — real support teams do not reach out via Telegram or Discord DMs.

See also

• Hacker
• Malware
• Private Key
• Hardware Wallet