Author

Topic: Trust wallet KYC verification Phishing mail. Beware! (Read 262 times)

sr. member
Activity: 630
Merit: 352
Thanks for bringing this to the limelight, the activities of scammers are increasing and becoming more sophisticate, impersonating individuals and organizations to scam their victims. It's really overwhelming, people needs to be properly informed, so they won't fall victims to theses criminals.

What attracted me to this thread is the mention of trust wallet, I thought that it's been compromised. I've been trying to send btc for something now through my trust wallet, and it keeps telling me transaction error, due to UTXO dust, it's very frustrating. Please I'll appreciate any help on how to remove this dust UTXO.
hero member
Activity: 1232
Merit: 516
I got one of those phishing mail. Not sure how they got the mail but it was already detected as a scam so i was not obviously ready to proceed with the mail anyway. But if a user understand how these multi-custodial wallet works then there is no way he will believe that he needs to do KYC for a non-custodial crypto wallet. That is why in that mail scammers tried to fool some people by telling them they were eligible for some kind of token rewards which isn't true. It's not that hard to detect phishing attempts.
full member
Activity: 1008
Merit: 139
★Bitvest.io★ Play Plinko or Invest!
These emails screaming phishing scam! No way Trust Wallet's ever asking for personal data.  They don't care bout no KYC.  So if some rando pops into your inbox demanding your license and selfie, trash it.  Just a crook phishing for coins.  Don't click their bait.  Who knows what malware lurks behind those links? Save yourself the headache and delete delete delete.
sr. member
Activity: 1002
Merit: 254
Tontogether | Save Smart & Win Big
So what exactly happens if you click on the link but don't enter your seed phrase or connect your trust wallet?


Is it possible just doing that could get your trust wallet or any wallet hacked on your laptop?  Say you have electrum in your laptop.  Is it possible just clicking on a link can cause your electrum account to be hacked?  What about a virus or malware?  What about a keylogger?  What about it turning on your laptop camera?



I heard if you click on a link, unless you type in the seed phrase or open the program or file, then nothing happens?  Or is that not true?  I read a while back it had something to do with as long as you don't open an exe file, then you are okay?  Or not?

Mostly those links that we clicked and we don't know about them they just take out the pc's information or any device you are using and suddenly when they got the information and the access to all these information puts a person in danger.

Then mostly these wallets got hacked may be there are some data of a person who has stored in its email getting hacked and also if he has stored even in his pc but at some place like Microsoft office etc.
legendary
Activity: 2604
Merit: 2353
Could someone share the link (without the hyperlink feature ofc)? I don't understand why they only ask KYC and not funds, is it a new kind of scam? I wonder if they know who has downloading this wallet and is using it. As OP said you don't need to give your email address when you install it or anytime when you are using it, so except a leak from Google Play, I don't see how they have been able to find those informations. Even when you use it in order to use Dex or other Web3 Dapps you don't need to handover your email address.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
That's a trap they will ask for a KYC verification and seed phrase and actually you can just move to other wallets with your seed phrase without KYC.

Deleting emails is not a good idea you will still receive emails from them if you just deleted them.
If I were you block who emails you and report it as spam to make sure you won't receive any suspicious email again from that email.
At least the email from the scammer is gone and we don't know that OP might forgot or something like that where OP accidentally clicked the link.  Not that I pointed OP as a careless person but as a possibility. I have some old emails I got and I didn't deleted it and it was a scam attempt but not about cryptocurrency though but still I forgot that it was a trap since it's been a long time since the time I received it and know that it is a scam attempt.
full member
Activity: 1792
Merit: 186
So what exactly happens if you click on the link but don't enter your seed phrase or connect your trust wallet?


Is it possible just doing that could get your trust wallet or any wallet hacked on your laptop?  Say you have electrum in your laptop.  Is it possible just clicking on a link can cause your electrum account to be hacked?  What about a virus or malware?  What about a keylogger?  What about it turning on your laptop camera?



I heard if you click on a link, unless you type in the seed phrase or open the program or file, then nothing happens?  Or is that not true?  I read a while back it had something to do with as long as you don't open an exe file, then you are okay?  Or not?
full member
Activity: 448
Merit: 225
Thank you OP for letting us know this type of scamming technic, scammers are too creative to scam people.
The email is very convincing for any newbie to click the link and enter personal details or fall as a victim to a phishing attack, I signed up on too many crypto related sites but never received emails like that
but now I will keep in mind about this because I click links in hurry by seeing the name of reputed company.
If I were 3 years ago me when i was newbie then surely I would have clicked that link or fall as victim of this scam.
legendary
Activity: 1890
Merit: 1537
I have been receiving couple of mail daily to verify KYC for trust wallet. Though occasionally I have been using trust wallet but not as an main wallet. This is absolutely hacking attack. They provide some links even I haven't bothered to click. I just deleted message instantly. Non-custodial wallet won't ask you verify KYC anyway. There are no options to input your mail during creating trust wallet. So no question about receiving KYC verification mail from Trust Wallet. It might a result of data breaches from various crypto sites. So don't click any links if you receive similar mail.
Clicking on these malicious links can pose a significant risk to anyone who opens them, exposing their devices to hacking and compromising their privacy. Emails containing links or downloadable files should not be trusted even if in PDF format. Some less-educated beginners might perceive these phishing messages as genuine and fear that their assets in the Trust wallet will be frozen if they don't pass KYC requirements within the specified period. However, an informed beginner will know that non-custodial wallets do not require KYC verification from their users and will recognize the truth behind these messages. This underscores the importance of knowledge and education in avoiding falling victim to any scam schemes.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Well that's weird. It's like asking a blind person where the address is.  Trust wallet doesn't even need a email to register, lol. Grin Btw where have you gotten this phishing mail? Is it gmail? I do get a lot of these mails, mostly disguised as promotional and offers, but yes as you said.
legendary
Activity: 966
Merit: 1042
#SWGT CERTIK Audited
I have been receiving couple of mail daily to verify KYC for trust wallet. Though occasionally I have been using trust wallet but not as an main wallet. This is absolutely hacking attack. They provide some links even I haven't bothered to click. I just deleted message instantly. Non-custodial wallet won't ask you verify KYC anyway. There are no options to input your mail during creating trust wallet. So no question to receiving KYC verification mail from Trust wallet. It might a result of data breach from various crypto sites. So don't click any links if you receive smialr mail.

Hmm, mostly you'll receive such emails if you are too frequently using email for scrap airdrop hunting and websites, which they directly use to sell your emails in the black.

There are some other reasons as well for receiving such spammy and phishing emails. The self-custodial wallets never contact to unless you ask for any assistance on their official support. I was just scrolling the latest news blogs and found that in the US there was a full team offering the service to hack any wallet on customer demand and they quit their service recently, Iw as shocked to know haha they stole $70M worth of the funds for their customers.

Such team tack your social media and other Web 2 logins to track down your identity and then they directly target you by different means. Such emails are one fo them.

hero member
Activity: 1246
Merit: 699
This is a good point. In the crypto space, we encounter similar scam attempts nearly every single day. So, here's the deal: in the crypto world, being extra careful is key.
Such fraudulent schemes are not unique to crypto. I also received short messages several times from scammers in the name of banking representatives. and I know banks will never do that unless they offer insurance to their customers. Moreover, I don't have an account at that bank.
This is almost the same as the case revealed by the OP, labeling them from a widely used wallet platform. What is clear is that when creating a wallet you will not be asked to enter your email. but how do they get emails to spread information to all their users?

Remain alert if someone asks us to link our wallet or something related to our wallet key. those who do that kind of thing are just scammers.
sr. member
Activity: 294
Merit: 433
HODL - BTC
Even though we know that creating a wallet in Trustwallet does not require any email but the fraudsters know the victim's email by sending a phishing link on behalf of the Trustwallet wallet, is it because it is already mentioned?
Many times I also receive emails like that but because I already know, I always ignore or delete the email.

If Trust wallet requires KYC on users, they will pin that super important announcement at their X account. https://twitter.com/TrustWallet

Yes there must be an announcement on the official Twitter if it is needed but we know that non-custodial wallets do not require KYC.
So indeed the scammers already know the ins and outs of spreading phishing sites not only spreading on social media.
member
Activity: 966
Merit: 25
Ton Together | Save Smart & Win Big
Non-custodial wallet won't ask you verify KYC anyway.
This is a good point. In the crypto space, we encounter similar scam attempts nearly every single day. So, here's the deal: in the crypto world, being extra careful is key. If you get an email, double-check everything like the email, links, and official channels. Make sure it's all legit. Verify the sender's email address, check official websites, and confirm on their social media. There are sneaky folks trying to snatch your funds, so be vigilant. Don't rush into anything. It's like navigating a crowded street, watch your steps, look around, and make sure you're on the right path. Being meticulous in the crypto space is your shield against potential threats, so take that extra moment to safeguard your assets.
hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
Good job because most of these emails are truly phishing attempts to get your seed phrase from that wallet. And to mind everyone, this isn't just specific only for Trust Wallet as this can happen to every wallet that we use that they're going to use the name of.

And also, even on the hardware wallets, they're going to use the names of these brands just to trick people into belief that they really have to replace or fix it through the link that they will include at the bottom of their emails.

Don't get tricked everyone and always verify these emails or much better ignore them all and block.
hero member
Activity: 714
Merit: 521
DGbet.fun - Crypto Sportsbook
I have been receiving couple of mail daily to verify KYC for trust wallet. Though occasionally I have been using trust wallet but not as an main wallet. This is absolutely hacking attack. They provide some links even I haven't bothered to click. I just deleted message instantly

This is not the first time scammers will be making attempts of try to scam people and most especially the trust wallet users, sometimes when we download their wrong wallet app, this happens, sometimes when we leave our wallet informations to the public like our wallet addresses, they use them to also physh on us, they fo to the extent of sending you a little amount of money less than one dollar just to pull their trick more abvious to attack users.

Non-custodial wallet won't ask you verify KYC anyway.

Knowing this alone solvee the problem, avoiding the messages sent is another means and lastly blocking the source sending you the messages is another action someone can take against these hackers.

There are no options to input your mail during creating trust wallet. So no question to receiving KYC verification mail from Trust wallet.

This is why we also insist on having a genuine background information about bitcoin or wallet before starting, this will make you understand the difference between custodial and non custodial wallet, how to identify scam and other illicit cryptocurrency activities, an ordinary inexperienced newbie wouldn't hwve known all these and the next is that they are providing the scammers with every informations asked for in the name of securing their wallet.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
I always get any fake email from scammer with lots of tricks to try scam.
This is my small tips to check phising email.
- Check email address sender first (most scammer use free emails)
- If you don't know official email from any project, you can check in their social media and website.


I would be worried if I received such letters very often, as you write. This suggests that your mail will eventually be attacked, and we cannot predict the actions of social engineering. Don't feel alone if you don't receive emails; on the contrary, this is an indicator that hackers are not interested in you since you keep your emails away from their eyes.
sr. member
Activity: 812
Merit: 315
DGbet.fun - Crypto Sportsbook
Could probably work on newbies, thanks for bringing this to our attention, the truth is Trust wallet isn't the only one these scammers use, I have mails from fake Metamask and ledger too, funny enough I don't use ledger, lack of crypto knowledge is the only way someone can be a victim here, when you are asked to connect your wallet through links it's a scam, when you are asked to import your recovery seed it's a scam, even if the email is from the wallet company I won't fall because I know that inside jobs are real.

Scammers have tools that gather hundreds of thousands of emails online, I don't know how they do it but it works, and they start sending email in bulk out to the email addresses, hoping that someone takes the bait, thing is crypto investors need to understand private keys and recovery seed, there is never a bug that will request for your keys to fix, it's all lies, only you must have access to your private keys, don't ever give it out for any reasons.


legendary
Activity: 2702
Merit: 4002
With all the crazy events happening in the world right now, I would not be surprised if one of these closed source wallets decided to ask customers to complete KYC verification, especially for services like multi-currency wallets where there is no option to download an open source wallet or the options are limited.

What exactly happens if you click on verify your wallet?  Do you have to enter your trust wallet seed or it ask to enter that?  So if you don't do anything, are you safe or is clicking the link mean your trustwallet would get hacked?  What about malware or virus or keylogger on your computer?

In most cases, they will not be able to steal your money unless you download or give them root access, such as installing an application, but they may be able to access the clipboard, open the camera, collect more data about you, steal cookie content, or other things related to privacy.
full member
Activity: 1792
Merit: 186
What exactly happens if you click on verify your wallet?  Do you have to enter your trust wallet seed or it ask to enter that?  So if you don't do anything, are you safe or is clicking the link mean your trustwallet would get hacked?  What about malware or virus or keylogger on your computer?
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
Do you own a Ledger? Because chances are, that's where your email got leaked lol. Also — use custom email address aliases bros, makes preventing phishing/spam emails a lot easier.

https://chainsec.io/scams
hero member
Activity: 1442
Merit: 775
If Trust wallet requires KYC on users, they will pin that super important announcement at their X account. https://twitter.com/TrustWallet

There is no announcement like that on Trust wallet's X account.

Trust wallet is non-custodial but it is close source and it was acquire by Binance years ago. If you are a fan of non-custodial wallets but must be open-source, you will look for other wallets with open-source.

This scam attempt was reported at Trust wallet community https://community.trustwallet.com/t/probable-scam-relating-to-kyc/832975

Because you received that scam email, check your email address with https://haveibeenpwned.com/
sr. member
Activity: 658
Merit: 441
Thanks for bringing this to public notice. There's been a data breach, and your email must have been stolen from one of the platforms you signed up. I must say that it's a poorly hatched phishing attempt because non custodial wallet will never ask you to submit your personal information for verification, this is only possible on custodial wallets. Also, you don't need an email address when creating a trust wallet or any other non custodial wallets. It's clearly a scam and newbies should be warned.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
That's a trap they will ask for a KYC verification and seed phrase and actually you can just move to other wallets with your seed phrase without KYC.

Deleting emails is not a good idea you will still receive emails from them if you just deleted them.
If I were you block who emails you and report it as spam to make sure you won't receive any suspicious email again from that email.
sr. member
Activity: 554
Merit: 271
I always get any fake email from scammer with lots of tricks to try scam.
This is my small tips to check phising email.
- Check email address sender first (most scammer use free emails)
- If you don't know official email from any project, you can check in their social media and website.
hero member
Activity: 868
Merit: 952
Thanks for sharing this information as some of us might want to rush and verify their KYC with the intention that by so doing that the security of their wallets will be more assured and guaranteed not knowing that they may be exposing the wallets to some kind of random access by some hackers and scam sites and if information like this doesn't come to us on time it might lead to lots of people being scammed before it will be noticed that's the more reason why any information concerning the security of one's wallets shouldn't be taken for granted as negligence can sometimes lead to untold consequences. The security of your wallets should be taken of utmost priority so it is important we run security checks on our wallets from time to time.

Even now we don’t know who and who might have fallen into this phishing attempt attack by the hackers but this is a warning at the right time. Going forward one of the keys way to avoid attacks like this is to verify by checking there social media (which can also be compromised) or login to your account if it is true you might see it there

Now to a realistic thing no Non custodial wallet will ask for KYC because even if they do they can’t confiscate your holdings without the seed phrase or keys, but for case like TrustWallet which is closed source you wouldn’t know how the keys are even be generated or what they do with them. So ditch closed wallets and move over to open source wallets
sr. member
Activity: 420
Merit: 253
Thanks for sharing this information as some of us might want to rush and verify their KYC with the intention that by so doing that the security of their wallets will be more assured and guaranteed not knowing that they may be exposing the wallets to some kind of random access by some hackers and scam sites and if information like this doesn't come to us on time it might lead to lots of people being scammed before it will be noticed that's the more reason why any information concerning the security of one's wallets shouldn't be taken for granted as negligence can sometimes lead to untold consequences. The security of your wallets should be taken of utmost priority so it is important we run security checks on our wallets from time to time.
legendary
Activity: 2422
Merit: 2228
Signature space for rent
I have been receiving couple of mail daily to verify KYC for trust wallet. Though occasionally I have been using trust wallet but not as an main wallet. This is absolutely hacking attack. They provide some links even I haven't bothered to click. I just deleted message instantly. Non-custodial wallet won't ask you verify KYC anyway. There are no options to input your mail during creating trust wallet. So no question to receiving KYC verification mail from Trust wallet. It might a result of data breach from various crypto sites. So don't click any links if you receive smialr mail.



Jump to: