Web3 Dictionary Logo
Web3 Dictionary
Contribute

Categories

AllBlockchainDappsDAOsDeFiNFTsRegulationSecuritySmart ContractsTokenomicsWalletsWeb3 GamingOthers
  1. Web3 Dictionary
  3. Security
  6. Phishing
Security

Phishing

Social engineering attacks designed to steal private keys or wallet approvals.

Last Updated

2026-03-29

Related Concepts

Private KeySeed PhraseHoneypot
Web3-Explorer Logo

Web3 Security

AD

Security frameworks, smart contract reviews, and compliance alignment to reduce risk and protect users.

Review Security Services

What is Phishing?

Phishing tricks users into revealing private keys, seed phrases, or signing malicious approvals. Unlike technical hacks, phishing exploits human trust and the losses are irreversible.

How does Phishing work?

  1. Attacker creates a fake version of a legitimate DeFi site or wallet.
  2. Users are directed there via fake emails, Discord DMs, or social media posts.
  3. The victim enters their seed phrase or signs an approve transaction granting the attacker full access.
  4. Funds are drained instantly and permanently.

Why does Phishing matter?

It is the single most common cause of crypto loss. Because blockchain transactions are immutable, there is no way to reverse theft once a signature is given.

Key features of Phishing

  • Exploits human trust, not technical bugs
  • Uses near-identical clones of real sites
  • Delivered via email, Twitter, and Discord
  • Irreversible losses due to blockchain finality

Examples of Phishing

A Discord DM claims you won a prize and asks you to "verify" your wallet on a fake MetaMask site. A fake NFT project Twitter account posts a "stealth mint" link that is actually a drainer contract.

Always double-check URLs and never enter a seed phrase on any website.

External References

  • What Is Phishing? (Binance Academy)
  • Crypto Security Guide (Ethereum.org)