

4 Common Crypto Phishing Attacks & How to Avoid Them

What are spear phishing, DNS hacking, phishing bots, and fake browser extensions, and how can you avoid becoming a victim?

Read the latest articles in the new NGRAVE Blog.

Phishing scams predate the cryptocurrency industry, with the first documented attack believed to have been carried out in the mid-90s. Though the overarching goal of phishing is simply to defraud unsuspecting victims of money, the fact that such ploys are executed by tech-literate hackers means they’re increasingly used to steal digital assets, not least because cryptocurrencies confer greater privacy protections than fiat, meaning hackers can vanish into the night with their ill-gotten gains.

Here are four of the most common phishing attacks, plus useful tips for protecting yourself from cybercriminals.

1. Spear phishing

A spear phishing attack is when an attacker targets specific individuals with customized messaging — typically a phony email purporting to be from a trusted sender.

A recent report by data protection firm Barracuda Networks highlighted the growing prevalence of spear phishing attacks, in which attackers target specific individuals with customized messaging — typically a phony email purporting to be from a trusted sender.

Oftentimes the aim of the attacker will be to compel recipients to reveal sensitive information, or induce them to visit a malware-ridden website. According to Barracuda’s report, the average organization is targeted by over 700 such social engineering attacks every single year.

As far as crypto is concerned, phishing emails and text messages purporting to be from hardware wallet providers such as Trezor — or even cryptocurrency exchange platforms — attempt to induce the recipient to ‘update’ their seed phrase or change their password, after which the thief can steal log-in credentials and drain the wallet in question. Another tactic is to entice users with plausible promotions, as was the case with the attack on Celsius users earlier this year.

So, how can you protect yourself against spear phishing? At a company level, there are myriad solutions: staff training to increase employee awareness and reporting; machine learning to analyze communication patterns; AI tools to provide account-takeover protection. Individuals, meanwhile, should take steps to verify the legitimacy of senders, carefully vet links and sender email addresses, avoid open Wi-Fi networks, and have two-factor authentication in place. Above all, be extremely wary of any email that asks you to enter a log-in and password.

2. DNS hijacking

DNS hijacking occurs when hackers replace legitimate websites with a malicious interface, tricking users into entering their private keys on the fraudulent domain.

Some phishing schemes are more sophisticated than others. Take DNS spoofing attacks, for example. With this decades-old scam, cybercriminals hijack legitimate websites and replace them with a malicious interface, before phishing users into entering their private keys on the fraudulent domain. Earlier this year, two major DeFi projects built on Binance Smart Chain — namely PancakeSwap and Cream Finance — fell victim to such an attack, although it was unclear how many users had been duped.

One of the most effective ways of protecting yourself from a DNS attack is to use a VPN, since it bypasses your router’s settings by sending traffic via an encrypted tunnel. You should also be diligent about checking the URL in your browser to ensure the website certificate is trusted, and heed any warnings that indicate your connection to a site is insecure. Of course, storing your crypto offline in a tamper-proof hardware wallet like NGRAVE, rather than interacting with funds online, is also good practice.

3. Phishing bots

Five years ago, we were told that an army of ‘bots’ influenced both the Brexit referendum and the U.S. Presidential election. Whether these claims had merit is beyond the scope of this article, as we’re interested in a different kind of villain: the sort created to steal our precious seed phrases.


Back in May, Ethereum-based crypto wallet MetaMask drew users’ attention to a phishing attack perpetrated by phrase-stealing bots on Twitter. “The phishing request comes from an account that looks ‘normal’ (but few followers), helpfully suggests filling out a support form on a major site like Google sheets (hard to block), [and] asks for your secret recovery phrase,” explained MetaMask, before dispensing some sage advice on how to protect oneself: “ONLY seek support from WITHIN the app you want help on.”


While it might seem like a good idea to verify that correspondence has come from an official account, this strategy isn’t foolproof: social media accounts can be hacked like any other, as evidenced by the great Twitter hack of 2020 that earned cybercriminals $121,000 worth of bitcoin.

4. Fake browser extensions

Fake browser extensions are built by hackers to trick users and steal funds from them.

In the cryptosphere, we’re accustomed to using all sorts of browser extensions, with the aforementioned MetaMask proving especially popular. Unfortunately, cybercriminals are turning this predilection to their advantage by creating fake extensions and stealing funds from users. Last year, a malicious Chrome extension called Ledger Live was downloaded over 120 times before being booted out of the Chrome Web Store. Troublingly, attackers were able to leverage Google Ads to promote the product and attain an air of legitimacy.

The take-home? Don’t rely on web stores to properly vet the extensions they make available. If downloading a crypto extension, check its profile page to ensure it has plenty of reviews and comes from a trusted developer. Scrutinize the permissions the extension asks for (Chrome Settings>Extensions>Details) to check that they accord with its features. Oh, and you might want to download an extension directly from a link on the company’s website.
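The permission check described above can be done on an extension's manifest.json before you trust it. The following is an added example, not code from NGRAVE or any wallet vendor; the sample manifest, the `audit_manifest` helper and the `wallet.example` host are constructed for illustration, while the permission names and match patterns are standard Chrome manifest values.

```python
import json

# Match patterns that give an extension access to every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Chrome API permissions worth a second look in a wallet-related extension.
SENSITIVE_APIS = {"clipboardRead", "cookies", "debugger", "history",
                  "nativeMessaging", "scripting", "tabs", "webRequest"}

def audit_manifest(manifest_text, expected_hosts=()):
    """List permissions that exceed what the extension's stated features need."""
    m = json.loads(manifest_text)
    findings = []
    perms = m.get("permissions", []) + m.get("optional_permissions", [])
    hosts = m.get("host_permissions", []) + m.get("optional_host_permissions", [])
    # Manifest V2 mixes host patterns into "permissions"; pull them out.
    hosts += [p for p in perms if "://" in p or p == "<all_urls>"]
    # Content scripts run inside every page their "matches" patterns cover.
    for script in m.get("content_scripts", []):
        hosts += script.get("matches", [])
    for p in sorted(set(perms) & SENSITIVE_APIS):
        findings.append(f"sensitive API permission: {p}")
    for h in sorted(set(hosts)):
        if h in BROAD_HOSTS:
            findings.append(f"access to all sites: {h}")
        elif h not in expected_hosts:
            findings.append(f"host outside stated features: {h}")
    return findings

# Constructed manifest for a hypothetical "wallet helper" extension.
SAMPLE = json.dumps({
    "manifest_version": 3, "name": "Constructed Wallet Helper", "version": "1.0",
    "permissions": ["storage", "clipboardRead", "tabs"],
    "host_permissions": ["https://wallet.example/*", "<all_urls>"],
    "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}],
})

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE, {"https://wallet.example/*"}):
        print(finding)
```

An extension that only claims to talk to one wallet site but requests clipboard access and every URL is asking for more than its features explain.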

5. Conclusion

There are other general rules you should consider following to protect yourself from phishing scams. For example, it’s smart to bookmark verified sites where you typically input sensitive information. Ditto saving contact email addresses from crypto companies with whom you interact. Countless people have also fallen victim to phishing emails or malicious websites that feature a subtle misspelling of a legitimate address. It may seem like a chore, but double-checking URLs is a good habit to get into.
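The bookmark and URL-checking advice above can be automated: compare a link's hostname against your list of verified sites and flag near misses. This is an added example, not part of the original article; the `.example` domains, the `check_url` helper and the two-edit threshold are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed stand-ins for your own bookmarked, verified sites (assumption).
VERIFIED = ("wallet.example", "swap.exchange.example")

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, verified=VERIFIED, max_distance=2):
    """Return (verdict, reason); verdict is 'verified', 'suspicious' or 'unknown'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https" or not host:
        return "suspicious", "not an https URL with a hostname"
    if "@" in parts.netloc:
        return "suspicious", "text before '@' is not the site; real host is " + host
    for good in verified:
        if host == good or host.endswith("." + good):
            return "verified", good
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "suspicious", "internationalised hostname not on the verified list"
    for good in verified:
        # Compare the same number of trailing labels, so "www." prefixes are ignored.
        tail = ".".join(labels[-(good.count(".") + 1):])
        if edit_distance(tail, good) <= max_distance:
            return "suspicious", f"{tail} is within {max_distance} edits of {good}"
        if host.startswith(good + ".") or f".{good}." in host:
            return "suspicious", f"{good} appears as a subdomain of another site"
    return "unknown", "no resemblance to a verified site"

if __name__ == "__main__":
    for u in ("https://app.wallet.example/", "https://wa11et.example/login",
              "https://wallet.example.support-desk.example/"):
        print(u, check_url(u))
```

A verdict of "unknown" only means the host does not resemble a bookmarked site; it says nothing about whether that site is safe.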

Knowing how phishing scams work is the first and most important step to protecting your crypto wealth. Follow the tips outlined above and the only thing you’ll have to worry about… is the market.


Protect your funds with The Coldest Wallet

Hot wallets are convenient tools for real-time transactions but are highly vulnerable to phishing attacks and far from being a secure storage option. Ideally, users should use them for trading small funds, while most of their coins are safely stored in cold wallets. To that end, NGRAVE ZERO is of great help: an easy-to-use hardware wallet featuring the highest security in the world, EAL7. Get your own ZERO here.

How secure is your crypto? Take the test!

The NGRAVE team created a test where you finally face yourself: how secure do you think you are versus how secure you really are. Not only versus yourself, but also in comparison with your peers and much more.

You can take the test here. All information is treated confidentially and with respect for data privacy regulation.



NGRAVE is a digital asset security company and creator of the world’s most secure cryptocurrency wallet, NGRAVE ZERO. ZERO boasts — as the only financial product in the world — the highest security certification: EAL7. It was developed in collaboration with a world-renowned team of cryptography and security experts. Please visit to learn more.


