Fake OpenSea NFT Offer Email Phishing
Criminals send fake OpenSea offer-received emails designed to rush NFT owners into clicking phishing links or signing malicious transactions. Genuine OpenSea offers are reviewed by logging into opensea.io directly.
Part of: Fake Order Confirmation Phishing Scams
Last reviewed: 7 June 2026
Receiving an offer on an NFT is an exciting event, and OpenSea genuinely emails users when offers are received on their listings. Scammers abuse this legitimate email pattern to send fake offer notifications that create urgency, hoping the recipient will click through quickly to 'accept the offer' before it expires.
The fake offer email closely mimics OpenSea's genuine design: the NFT's image, a convincing offer amount in ETH, a countdown timer, and an 'Accept Offer' button. The button leads either to a phishing page that harvests wallet credentials or directly to a malicious contract interaction.
Understanding OpenSea's real offer notification helps identify the fake. Genuine OpenSea offer emails come from an @opensea.io address, display the specific NFT and collection name, and direct users to opensea.io to review and accept offers through their profile — not through an inline 'Accept' button that bypasses the standard login and review process.
How this scam works on the OpenSea brand
A fake offer email claims that a valuable NFT in the victim's collection has received a generous offer, with a timer suggesting it expires in a few hours. The 'View and Accept Offer' button leads to an OpenSea-clone site that prompts the user to connect their wallet. Upon connecting, a MetaMask signature request appears — which is actually a Seaport order transferring the NFT to the attacker for 0 ETH.
A variation targets holders of popular NFT collections by calculating likely floor prices and fabricating offer amounts slightly above floor to be enticing. The precision makes the offer seem credible enough for the recipient to act quickly without independently verifying at opensea.io.
Genuine OpenSea offer emails include the collection name, the offering wallet's recent activity (visible after clicking through to opensea.io), and the offer terms. Accepted offers require confirming a MetaMask transaction that clearly shows the ETH amount being received and the NFT being transferred — not a 0 ETH drainer order.
Common red flags
- An offer email with an 'Accept Offer' button linking to any domain other than opensea.io
- A countdown timer in an offer email creating pressure to accept without verification
- A wallet-connection prompt on a non-opensea.io site to accept an NFT offer
- A MetaMask confirmation showing 0 ETH received for an NFT transfer after clicking 'Accept'
- An offer email from a [email protected] sender address
- An offer amount that seems too good to be true for the NFT's known market value
How to protect yourself
- Review all NFT offers by logging into opensea.io directly — never through an email link
- Check the offer details on opensea.io: the offering wallet address, the ETH amount, and the expiry
- Read the MetaMask transaction carefully before confirming any offer acceptance — verify the ETH amount you will receive
- Bookmark opensea.io and use only that to manage your NFT listings and offers
- Forward suspicious OpenSea emails to support.opensea.io before clicking any links
How to report it
- Report phishing emails and sites to OpenSea at support.opensea.io
- Forward the phishing email to your email provider's spam reporting function
- Submit the phishing domain to Google Safe Browsing
- Report to IC3.gov (US) or Action Fraud (UK)
Frequently asked questions
How do I check whether an OpenSea offer email is genuine?
Check the sender address for @opensea.io, then independently log into opensea.io to verify the offer is visible in your profile. If the offer is genuine, it will appear under your offers received. If not, the email was fraudulent.
Can I safely review an offer from the email link?
The safest approach is always to navigate to opensea.io directly rather than clicking the email link. This avoids any risk of being directed to a phishing site even if the email appears genuine.
What does a legitimate OpenSea offer acceptance transaction look like in MetaMask?
A genuine offer acceptance shows the specific ETH or WETH amount you will receive, the specific NFT being transferred, and involves OpenSea's Seaport contract. The net effect should be that you receive the agreed ETH while the NFT leaves your wallet.