Crypto Wallet Drainer / Fake Exchange Scam
Attack Trigger
Promised investment returns / wallet verification required
What Attackers Want
Entire crypto wallet balance — often $1,000–$100,000+
How This Attack Works
Scammers impersonate major crypto exchanges like Coinbase or Binance, or deploy "wallet drainer" smart contracts disguised as giveaways and airdrops. Victims are asked to connect their crypto wallet or enter their seed phrase to "verify" or "claim" funds — after which the attacker drains all assets instantly.
Red Flags to Watch For
- ✗Any email promising to "double your crypto" is always a scam
- ✗Requests for your 12- or 24-word seed phrase — never share this with anyone
- ✗Sender domain does not match the official exchange domain
- ✗Urgent deadline to claim a reward or your account will be frozen
- ✗Links to wallet connection sites with unfamiliar or misspelled domains
- ✗Celebrity or influencer endorsements you cannot verify independently
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- coinbase-wallet-verify.comMALICIOUS
- binance-secure-login.netMALICIOUS
- crypto-double-reward.comMALICIOUS
- metamask-wallet-support.netMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free