All Collections
Security and Privacy
Pro-Tips: How to Avoid Phishing/Scams
Pro-Tips: How to Avoid Phishing/Scams

How to keep your assets secure and avoid scammers

Katya Michaels avatar
Written by Katya Michaels
Updated over a week ago

1. Secure your access method

  • You will notice that we don't recommend direct access with a private key, keystore file, or recovery phrase. If you are still using one of these methods and putting your keys directly into sites on the internet, you are putting your wallet at risk of being drained. It's time to transition to a more secure wallet.

  • MEW offers multiple options for creating a secure wallet to keep your assets safe:

2. Keep your recovery phrase or private key stored securely

  • Don't store your phrase or keys on a computer connected to the internet, on a cloud service, in an email, or in a messenger app. Anything connected to the internet can potentially be accessed by malware.

  • Write your phrase down on paper or on a special metal phrase storage device, and keep it in a secure location only you know.

  • DON'T LOSE YOUR PHRASE OR KEY! MEW is a self custody wallet so we won't be able to recover your wallet access for you.

3. Do not give your private key, mnemonic phrase, or keystore file to anyone for any reason

  • You should never have to enter your private key or phrase for wallet support, any airdrop, wallet service, or KYC process.

  • Official MEW support will never ask you for your keys. Nobody needs your keys or phrase to send you crypto – they can just use your public address. There is no such thing as 'wallet verification' with your key or phrase. The only reason anyone will ask you for your key or phrase is to steal your assets.

4. Be careful about direct messages and groups on messenger apps like Telegram, Whatsapp, Viber, WeChat, etc

  • MEW does not provide user support on Telegram, Whatsapp, Viber, or any other messaging services. For official support, only write to support@myetherwallet.com or message us directly from the MEW wallet app.

  • MEW will never message you first. When you set up a MEW wallet, you don't provide your email, phone number, or even name, so there is no way for us to reach out to you unless you write us first.

  • If someone DMs you pretending to be MEW, sending you a link to a website, or offering high returns on a crypto operation, it's a scam.

5. Don't click on links sent to you. Double check the URLs for platforms you use regularly. Don't use crypto websites you are not familiar with.

  • Look closely at the URL of the website you're using. Phishers are very clever with their tiny dots and accents over and under the letters, imitating the address of a service that you use frequently (like MEW web).

  • Bookmark all the sites you visit most.

  • Remember that if you visit a site in MEW wallet mobile browser, it DOES NOT mean that MEW knows about it or endorses it. Web3 browsers are just like regular Chrome browsers – they can take you anywhere on the web, but it does not mean the site is legitimate.

6. Do your own research. Google any projects you’re interested in.

  • Look for common signs of scams – poorly made or outdated websites, strange spelling and broken English, not having links to official social channels on the webpage, not having a webpage at all and only offering to contact users on messaging apps.

  • Check their Twitter, Reddit, and other social profiles. Make sure the user name looks right, the website link is the same as the official page, and that they are followed by some other accounts you trust.

  • In general, always check a company's official accounts listed on the official website before trusting anyone who claims to represent them.

7. Learn to recognize scams - there are so many out there, and you WILL be targeted by a scammer at some point in your crypto journey.

  • If someone asks you to send 1 ETH and get 3 ETH back, it's a scam. Nobody is just giving away ETH for nothing, ever.

  • Promising an airdrop and asking for your phrase to receive it – scam. Remember, never give your phrase or key for any reason.

  • When someone says they can fix an issue with your wallet and asks for your keys or phrase to do it – it's a scam.

  • Asking you to 'verify' your wallet by using your phrase – scam.

  • Telling you to put more money into a 'mining operation' in order to get many times more in return - scam.

  • People who lose their crypto are not 'hacked'. They are either not storing their keys securely, or they are convinced by scammers into giving away their phrase or into sending the assets to a scammer address. Don't be like them.

8. Double and triple-check everything!

  • Make sure every address is 100% correct, as even one wrong character will lead to a completely different wallet.

  • While you’re at it, register an ENS domain name so your friends can send to “MyName.eth” instead of “0xab3c4edf…”.

    • Read more about registering an ENS domain HERE.

  • Be certain that you understand what will happen with your crypto and where it will go before sending a transaction. If you are confused or uncertain at all, write to us at support@myetherwallet.com and we will do our best to help.

  • Nobody can freeze, reverse, or refund transactions on the blockchain, so this is very important!

9. Last, but not least, don’t be afraid to ask for help!


~ If you haven't already, feel free to check us out on Twitter and Reddit ~

Tags:

mewwalletios, mewwalletandroid, whatis, phish, scams, tips, security

Did this answer your question?