Most crypto scams rely on rushing you into clicking, signing, or sharing something sensitive. Stay skeptical and use official channels.
Common red flags
Unsolicited DMs or emails offering “support,” giveaways, or urgent fixes.
Look-alike domains (oncha1n, 0nchain, etc.). Type URLs manually or use bookmarks.
Unsigned or unclear requests in your wallet that ask for broad permissions.
Pressure tactics (“act now,” “limited window”) that push you to sign or pay.
ONCHAIN® embedded wallet vs. third-party wallets
ONCHAIN® embedded wallet:
No seed phrase to reveal or import—phishing that asks for one is automatically bogus.
You’ll only interact inside the ONCHAIN® flow; if someone asks you to “export” and share keys, do not proceed.
MetaMask / Trust Wallet:
Never share or type your recovery phrase/private key anywhere—support will never ask.
Add tokens/networks using official sources only.
Review every permission (spend limits, approvals) before you sign.
Safe habits
Navigate intentionally: Open ONCHAIN® from your own bookmark or our official site, not from links in DMs.
Verify before you sign: Check the site, contract, amount, and network. If anything is unclear, cancel.
Keep software updated: Update your wallet and browser; remove unknown extensions.
Use official support: If you need help, contact ONCHAIN® via our Help Center—don’t accept help from cold DMs.
If you think you clicked something risky
Stop and don’t sign further transactions.
Capture details (screenshots, URLs).
Contact support through official channels for guidance.
For MetaMask/Trust Wallet, consider revoking approvals via a trusted tool and moving funds to a fresh wallet if advised.