Phishing & Scams

The cryptography behind Monero is extremely strong — so attackers rarely try to break it. Instead, they try to trick you. Almost every real-world loss comes from a scam, not a hack. In this lesson you will learn to recognize the most common scams targeting Monero users — fake wallets, seed-phishing, and support impersonation — and the simple rules that defeat them all.

The One Rule That Stops Most Attacks

Before the details, memorize this: never reveal your seed phrase, and never type it anywhere except your own wallet when restoring. No legitimate person, company, app, or "support agent" will ever need your 25 words. Anyone who asks is trying to rob you. That single rule blocks the majority of scams instantly.

Fake Wallet Apps and Downloads

A widespread scam is software that looks like a real Monero wallet but is built to steal. It might generate a seed the attacker already knows, or silently send your seed to them, or swap addresses when you send. How to stay safe:

Download only from official sources — for the official wallets, the getmonero.org downloads page. Verify hashes or signatures when provided.
Beware search-engine ads and lookalike domains; type the address yourself or use a known-good bookmark.
Watch for app-store clones with slightly wrong names, odd developers, or few reviews.
Confirm you are using a wallet from the trusted list in Monero Wallet Types.

Seed-Phishing

Seed-phishing tries to get you to enter your 25 words somewhere the attacker can read them. It comes in many costumes:

A fake website claiming to "validate", "sync", or "verify" your wallet by entering your seed.
A pop-up or email warning of a problem and linking to a form that asks for your phrase.
A "migration" or "airdrop" that requires you to import your seed to claim something.

All of these are theft. Restoring a wallet happens locally in the wallet app you installed — never on a web page, never in a chat, never to "prove" ownership.

Support Impersonation

Scammers pose as helpful support staff, often appearing exactly when you are frustrated:

They reach out first in comments, DMs, forums, or chat groups after you mention a problem — real support rarely does this.
They ask for your seed, password, or remote access to "fix" your wallet.
They create fake support channels impersonating a wallet or exchange.

Treat unsolicited help with deep suspicion. Find support yourself through official channels, and never share secrets or screen-share your wallet with a stranger.

Other Scams to Know

Fake giveaways — "send 1 XMR and we'll send back 2." Money sent is gone; Monero transactions are irreversible.
Address-swapping malware — clipboard hijackers replace a copied address with the attacker's. Always paste and check the first and last characters, as stressed in Sending Monero.
Romance and investment "opportunities" — relationships or schemes that steer you toward sending crypto. Promised guaranteed returns are a red flag.
Fake exchanges or swap sites that take your funds and vanish — prefer reputable, well-known services.

Red Flags Checklist

Pause whenever you notice any of these:

Anyone asking for your seed or password — always a scam.
Urgency or fear — "act now or lose your funds." Pressure is a manipulation tactic.
Unsolicited help or messages offering to fix, upgrade, or reward you.
Too-good-to-be-true returns, doublings, or free coins.
Slightly-wrong URLs, app names, or sender addresses.

Build Good Habits

Most defenses are simply slowing down and staying skeptical, the mindset from Wallet Security Basics. Keep software updated, bookmark official sites, verify downloads, and never let urgency rush you into revealing a secret or sending funds.

Scammers rely on haste, fear, and trust — not on breaking Monero. If you keep your seed private, download only from official sources, and treat unsolicited help as a warning sign, you defeat nearly every attack out there. Next, let's make sure a simple accident never costs you anything by learning proper Backups and Recovery.