Is an app or website asking for my crypto wallet seed phrase to connect or verify my wallet a scam?
Yes, always. Your seed phrase is the master key to your wallet. Any request for it is an attempt to steal all your funds instantly.
Last reviewed: 10 June 2026
Explanation
A seed phrase — also called a recovery phrase or mnemonic — is typically 12 to 24 words that give complete control over a crypto wallet. Anyone who has your seed phrase has total, irreversible access to every asset in that wallet. No legitimate wallet connection process, decentralised app, or exchange ever requires your seed phrase to connect.
Scammers create fake wallet-connection interfaces, counterfeit 'official' migration portals, or airdrop claim pages that prompt you to enter your seed phrase for 'verification.' The pages look identical to legitimate services and often appear at the top of search results through paid advertising. Once entered, an automated script drains your wallet within seconds.
Legitimate wallet connection uses cryptographic signing — you approve a transaction with a click and your wallet signs it internally. No words are ever typed out. If you are ever asked to type your seed phrase anywhere outside the initial wallet backup process you completed when setting up the wallet, it is fraud.
Store your seed phrase only on paper or an offline medium, never digitally or in the cloud. Treat a request for your seed phrase as you would treat a request for your bank's master PIN: under no legitimate circumstances should it ever be shared.
Common red flags
- Any interface asking you to type in your seed phrase
- Described as 'wallet verification,' 'migration,' 'sync,' or 'airdrop claim'
- Site found through a paid advertisement on a search engine
- Rushed by a message saying your wallet is under threat
- Cannot connect via normal wallet signing — only the phrase will work
- The URL is a variation of a well-known wallet or exchange name
What to do now
- Close the page immediately without entering any words
- Never type your seed phrase into any website or app
- If you already entered it, move all funds to a freshly generated wallet immediately
- Report the phishing site to Google Safe Browsing and to the platform it impersonated
- Revoke any wallet approvals you may have granted to suspicious contracts via a revoke tool
- Report to your national cybercrime authority
Frequently asked questions
What if I need to recover my wallet on a new device — is it safe to enter the phrase then?
Only enter your seed phrase directly into your wallet's own official app during the device recovery process, with no screen sharing active and no observers. This is the only legitimate use case.
How quickly will my wallet be drained if I enter the phrase on a phishing site?
Automated bots monitor compromised seed phrases and can drain wallets within seconds of entry. There is no time to reverse it once it happens.