Phishing

A scam where the attacker impersonates a trusted entity to trick you into revealing credentials or sending funds to the wrong address.

Phishing is the digital equivalent of a pickpocket. The attacker impersonates a service you trust — your exchange, your wallet provider, your bank, a customer support rep — and gets you to enter credentials into a fake site, click a malicious link, or send sats to an address that looks legitimate.

Common forms in Bitcoin specifically: emails that mimic exchange notifications ("urgent: verify your account"), SMS messages ("withdrawal pending — cancel here"), fake support chats on Telegram or Discord that contact you first, and lookalike URLs like "binance-support.net" instead of "binance.com".

Defence is mostly behavioural. Support never contacts you first — every unsolicited message claiming to be from a service is a scam by default. Always verify URLs character by character. Never type a seed phrase into anything online. Bookmark the real sites you use and only access them from those bookmarks.

Learn this in our courses

Course topic

Scams & safety

Your worst enemy isn't the market. It's the scammer in your DMs. Recognise every common attack and never lose a sat to one.

Related terms

Glossary

Seed phrase

A 12 or 24-word phrase that backs up your entire wallet. Lose it, lose your sats. Share it, lose your sats.

Glossary

Self-custody

Holding your own Bitcoin private keys. Nobody can freeze, seize, or lose your sats — except you.

← Back to the full glossary

Learn Bitcoin the practical way

Real lessons, sats earned, your own wallet. Free to start.