One evening, I received a notification on my phone from what appeared to be my crypto wallet provider. The message claimed that a mandatory security upgrade was required to continue using the wallet, and it included a link to complete the process. The notification used the official logo, and the language matched the provider’s typical tone, so I didn’t think twice before clicking the link.

The link directed me to a website that looked identical to the wallet provider’s official site. It prompted me to log in and confirm my recovery phrase to verify the upgrade. Without hesitation, I entered my details and completed the steps. The website confirmed that the upgrade was successful, and I didn’t think about it again—until the next morning.

When I checked my wallet, I discovered that all my funds, totaling over $8,000, had been transferred to an unknown address. Panic set in as I realized what had happened. I contacted the wallet provider’s support team, who confirmed that they never send upgrade notifications through third-party messages. The scammers had replicated the provider’s branding and created a phishing website to steal users’ credentials.

This incident taught me to never trust unsolicited notifications or messages, even if they appear legitimate. Always access your wallet through the official app or website and double-check any requests for sensitive information. Legitimate providers will never ask for your recovery phrase or private keys under any circumstances.