I was phished, scammed or hacked, can you help?

  • Updated

Unfortunately, transactions made on the blockchain are final and irreversible.

We understand how distressing it can be to experience a phishing attack, scam, or hack. However, due to the immutable nature of blockchain technology, transactions made on the blockchain are final and irreversible. The decentralized architecture of blockchains ensures that no single entity, including Phantom, has the authority or capability to reverse or block transactions once they have been confirmed.

This inherent security feature is fundamental to the blockchain’s design, promoting transparency and trust within the network. While this decentralization provides significant benefits, it also means that users must exercise extreme caution and vigilance in securing their wallets and transactions.

If you believe you have been targeted by a phishing attack, scam, or hack, we recommend the following immediate steps:

  1. Secure Your Account: Change your passwords and enable two-factor authentication (2FA) on all your accounts associated with your wallet.
  2. Report the Incident: Report the fraudulent activity to relevant authorities and platforms to help prevent others from falling victim.
  3. Monitor Your Wallet: Keep a close eye on your wallet for any unauthorized transactions or suspicious activity.
  4. Educate Yourself: Familiarize yourself with common security practices and stay updated on potential threats.


"I may have connected to a malicious website and I suspect they stole my tokens!"

If you suspect that you have connected to a malicious website which has initiated unauthorized transactions, immediate action is crucial to mitigate further potential losses. Please follow these steps:

  1. Disconnect from Malicious DApps:
    • Navigate to Settings > Connected Apps.
    • Select Disconnect All or specifically choose the malicious DApp to disconnect.
  2. Revoke Token Approvals:

Please note, while these steps may prevent additional unauthorized activity, there is a significant risk that this procedure may not fully secure your wallet. The safest course of action is to create a new wallet and transfer your funds there immediately.

Migrating to a New Wallet:

For comprehensive instructions on how to migrate to a new wallet with a new Secret Recovery Phrase, please refer to our migration guide.


"I might have given someone or a website my Secret Recovery Phrase"

If you have shared your 12 or 24-word Secret Recovery Phrase with a scammer or pasted it into a phishing website, it is critical to stop using this wallet immediately. The scammer now has complete control over your wallet and its assets.

Important Security Reminders:

  • Never Share Your Seed Phrase: Always be cautious and never trust anyone asking you to share your seed phrase under any circumstances.
  • Do Not Enter Your Seed Phrase Online: Never enter your seed phrase on any website. You do NOT need your seed phrase to connect to a website.
  • Phantom Support Will NEVER Ask for Your Seed Phrase: Phantom support will never ask you to share your Secret Recovery Phrase.

Immediate Actions:

  1. Stop Using the Compromised Wallet: Cease all activity with the hacked wallet to prevent further unauthorized access.
  2. Create a New Wallet: Generate a new wallet with a new Secret Recovery Phrase.
  3. Migrate Your Funds: Transfer your assets from the compromised wallet to your new wallet as quickly as possible. For detailed instructions on setting up and migrating to a new wallet, please refer to our migration guide.

I don't know how I got scammed!

Understanding how a scam occurred can be challenging, but awareness is the first step towards prevention. Here are some common methods scammers use:

  • Malware on Your Computer: Your device may be infected with malware such as a key-logger, clipboard hijacker, or a malicious extension that monitors your activities.
  • Phishing Scams: You might have entered your Secret Recovery Phrase into a fraudulent website or app that appeared to be Phantom.
  • Fake Phantom Apps: You may have installed a fake Phantom app on your browser extension or mobile device. Always download the official apps directly from the official Phantom website and use links provided there, ensuring URLs are accurate.
  • Compromised Seed Phrase: Someone might have accessed your seed phrase from its secure location.

While falling victim to a scam can be distressing, it also serves as a reminder of the importance of cybersecurity. By taking proactive measures, you can protect your assets and stay secure in the future.

Steps to Enhance Your Security:

  1. Regularly Scan for Malware: Use trusted antivirus and anti-malware software to keep your devices clean.
  2. Verify Authenticity: Always ensure you are using the official Phantom app or website. Check URLs and download sources carefully.
  3. Secure Your Seed Phrase: Store your Secret Recovery Phrase in a secure, offline location and never share it with anyone.

By staying informed and vigilant, you can turn this experience into a learning opportunity and enhance your digital security. For more tips and resources, visit our Security Center.

Stay safe, and thank you for trusting Phantom with your digital asset management.


Phantom is a user-controlled wallet, we never have access to your seed phrases. If there is anything more you can think of that might shed more light on what happened, we can look into it. Remember, all transactions made on the blockchain are irreversible and difficult to track.  If you have information on phishing websites, fake websites, or any relevant information about the scam, help us by reporting them: How to report a scammer?



Was this article helpful?

66 out of 207 found this helpful
Can't find what you're looking for?

Start a chat