Phishing
Social engineering attacks tricking users into revealing seed phrases through fake websites, emails, and support scams.
Take the QuizDocumented Case Files
Forensically verified incidents from the permanent collection. Select any case file to examine detailed evidence, witness statements, and chain-of-custody documentation.
What Went Wrong
Step-by-step failure reconstruction and vulnerability chain analysis.
Users entering seed phrases into malicious websites resembling legitimate platforms
Fake customer support requesting seed phrase for 'verification'
Compromised browser extensions capturing seed phrase input
QR code scams replacing legitimate recovery codes
Prevention & Best Practices
Recommended procedures for individuals managing seed phrase security.
Never enter seed phrases into any website or application
Verify URLs and certificate authenticity before any interaction
Use hardware wallets for phishing-resistant authentication
Educate on common social engineering tactics
Seed Phrase vs. Multi-Party Computation (MPC)
One lost word = total loss
Distributed across multiple parties
Destroyed by fire, flood, or disaster
No physical backup to lose or destroy
Complete access if compromised
Multi-party approval required
Transcription mistakes are permanent
User biometrics for signing
Difficult to transfer securely
Structured recovery protocols
One person can be forced to disclose
Multiple parties must be compromised