Spotting phishing & scams
- Never follow login or signature links sent in DMs or emails — type the site URL or use a bookmark.
- Be suspicious of messages promising giveaways or urgent actions asking you to sign a message.
- Check URLs for small typos, extra words, or non-standard domains (typosquatting).
Alert: A request to sign a message that transfers assets or gives permission is dangerous — do not sign unless you fully understand it.
If you think your wallet is compromised
- Immediately revoke approvals / disconnect the site from your wallet (use wallet UI or trusted revoke tools).
- Move remaining safe assets (if any) to a new wallet with fresh keys (do this only if you are sure the new wallet is uncompromised).
- Report the incident to the marketplace support (via verified channels) and to community/chain explorers if NFTs were stolen.
Prevention & backup
- Use hardware wallets for high-value items and confirm everything on-device.
- Use a separate wallet for browsing vs. long-term storage.
- Keep a secure, offline backup of recovery phrases; never store them digitally.