Spot phishing
Phishing sites mimic login flows to capture credentials. Always check the URL, SSL indicator, and avoid clicking links from unsolicited messages.
Warning: If someone asks for your seed, password, or 2FA backup codes via chat/email, do not comply — report and block the sender.
Prevention tips
- Bookmark the official platform and use that bookmark to log in.
- Enable WebAuthn/hardware keys when available.
- Keep your browser and OS patched and avoid untrusted extensions.
If targeted
- Disconnect and change passwords from a secure device.
- Revoke sessions and API keys.
- Contact verified support and provide evidence (timestamps, screenshots).