I had always been cautious about securing my crypto assets, keeping them in a reputable wallet with two-factor authentication (2FA) enabled. However, nothing could have prepared me for how easily scammers could bypass even the most secure setups.

One evening, I received a push notification on my phone from what appeared to be my wallet provider, TrustWallet. The message warned of “unusual login attempts” on my account and urged me to verify my credentials immediately to prevent unauthorized access. Panicked, I clicked the link, which directed me to what looked exactly like TrustWallet’s official website. It had the same layout, branding, and even a working login page.

The site asked for my 12-word seed phrase to restore access. At first, I hesitated, knowing that seed phrases should never be shared. But with the notification warning that my funds were at risk, I let fear take over. I entered my phrase, and within seconds, my screen went blank.

I tried logging into my actual wallet, only to find that my balance was now zero. Every single token—worth over $45,000—had been transferred out of my account to an unknown address. My entire savings were gone, and I had no way to recover them.

Later, I learned that this was a phishing scam, where scammers create fake wallet alerts to trick users into entering their seed phrases. The link I had clicked led to a fraudulent website designed to look exactly like TrustWallet’s official page. Once I entered my seed phrase, the scammers gained full control over my wallet, draining it within seconds.

What I Learned
This devastating experience taught me a hard lesson—wallet providers will NEVER ask for your seed phrase. If you receive an email, text, or notification asking you to enter it, it is 100% a scam. Always go directly to the official website instead of clicking links in messages. I also learned to use a hardware wallet for added security, as scammers are getting smarter with phishing tactics.