Fake crypto wallet seed phrase phishing — fraudulent email impersonating MetaMask, Coinbase Wallet, Ledger, Trust Wallet, Phantom, or Trezor claiming the recipient's wallet has been suspended, compromised, or flagged — then directing them to enter, submit, or provide their seed phrase, secret recovery phrase, mnemonic, or private key to verify ownership and restore access — a devastating crypto theft attack that instantly drains all wallet assets
fake-crypto-wallet-seed-phrase-phish
What this tier means
High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.
How Gorganizer detects this
Phishing emails impersonating MetaMask, Coinbase Wallet, Ledger, Trust Wallet, Phantom, Trezor, or other self-custody crypto wallets — claiming the recipient's wallet has been suspended, compromised, or flagged for security review — then directing them to enter their seed phrase, secret recovery phrase, mnemonic, or private key to verify ownership and restore access. Seed phrase theft is catastrophic: it gives the attacker permanent, irrecoverable access to all funds.
Key facts:
(1) Crypto wallet phishing caused approximately $3.8B in crypto theft in 2022 alone (Chainalysis Crypto Crime Report 2023); wallet-draining phishing is the single most lucrative per-attack fraud category.
(2) The seed phrase is the master key to a self-custody wallet — any party who possesses it has complete, irreversible control over all assets. No legitimate wallet service will ever ask for a seed phrase under any circumstances — this is the cardinal rule of crypto security.
(3) MetaMask phishing alone generated hundreds of millions in losses in 2022–2023; the MetaMask brand is the most impersonated wallet in phishing due to its market dominance as a browser extension wallet.
(4) Seed phrase phishing attacks often deliver victims to highly convincing wallet interface clones that mirror the legitimate wallet UI exactly — users cannot distinguish the fake from the real without checking the URL.
Warning signs: wallet suspension/compromise alert from non-official domain, request for seed phrase/recovery phrase/private key under any pretext, urgency to "restore" or "verify" wallet.
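The three warning signs above can be checked mechanically. The following is an added example, not Gorganizer's own code: the official-domain allow-list, the keyword sets, the signal names and both sample messages are assumptions made for illustration, and it returns signals for a downstream score rather than a verdict.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list of official sender domains; verify before relying on it.
OFFICIAL = {"metamask": "metamask.io", "coinbase": "coinbase.com",
            "ledger": "ledger.com", "trust wallet": "trustwallet.com",
            "phantom": "phantom.app", "trezor": "trezor.io"}
ALERT = re.compile(r"\b(suspended|compromised|flagged)\b", re.I)
SECRET = re.compile(r"\b(seed phrase|recovery phrase|mnemonic|private key)\b", re.I)
ASK = re.compile(r"\b(enter|submit|provide|verify|restore)\b", re.I)
# Legitimate reminders say "will never ask you to enter your seed phrase".
NEGATED = re.compile(r"\b(never|do not|don't)\b", re.I)

def is_official(domain, brand):
    good = OFFICIAL[brand]
    return domain == good or domain.endswith("." + good)

def seed_phrase_phish_signals(raw):
    """Return the warning signs found in a single-part plain-text email."""
    msg = message_from_string(raw)
    sender = msg.get("From", "")
    domain = parseaddr(sender)[1].rpartition("@")[2].lower()
    text = f"{sender}\n{msg.get('Subject', '')}\n{msg.get_payload()}"
    brands = [b for b in OFFICIAL if re.search(rf"\b{re.escape(b)}\b", text, re.I)]
    hits = set()
    if any(not is_official(domain, b) for b in brands):
        hits.add("brand_from_unofficial_domain")
    if ALERT.search(text):
        hits.add("wallet_alert_language")
    # The request verb and the secret must share a sentence, un-negated.
    for sentence in re.split(r"[.!?\n]+", text):
        if (SECRET.search(sentence) and ASK.search(sentence)
                and not NEGATED.search(sentence)):
            hits.add("asks_for_secret")
    return hits

# Constructed sample messages (not real mail).
PHISH = ("From: MetaMask Support <security@metamask-verify.example>\n"
         "Subject: Your wallet has been suspended\n\n"
         "Your MetaMask wallet was flagged for security review. Enter your "
         "secret recovery phrase to verify ownership and restore access.\n")
LEGIT = ("From: MetaMask <news@metamask.io>\nSubject: Security reminder\n\n"
         "MetaMask will never ask you to enter your Secret Recovery Phrase. "
         "Keep it offline.\n")

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(name, sorted(seed_phrase_phish_signals(raw)))
```

The negation check is what keeps a genuine security reminder from matching; the sender-domain comparison only covers the From header and does not replace SPF/DKIM/DMARC results.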
False-positive guard
Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.
About the scoring engine
Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.
Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.