Cryptoasset users need to be cautious of scams that demand recovery phrase disclosure, as this is the primary cause of significant asset losses.
Social engineering attacks and Private Key and Recovery Phrase leaks are leading to billions of dollars in cryptoassets being stolen, while physical attacks in Europe are also increasing, directly threatening investors' asset safety.
- Warning of 2.8 million USD Bitcoin loss due to Recovery Phrase fraud.
- Private Key and recovery phrases account for over 80% of cryptoasset loss causes.
- Europe witnesses an increase in physical attacks aimed at cryptoasset theft.
Why are cryptoasset users easily deceived by Recovery Phrase disclosure?
Directly: Entering recovery phrases or Private Keys on fake websites is the main reason for cryptoasset loss. A typical example is a victim in the UK who was defrauded of 2.8 million USD in Bitcoin after being tricked into entering a recovery phrase on a fake website.
In detail, hackers often impersonate high-ranking law enforcement officials, creating false pressure that personal data related to a criminal investigation has been leaked on the suspect's phone. They then request the victim to provide a recovery phrase to "protect assets", but actually steal all funds from the wallet within minutes.
With continuously upgraded fraud techniques, users must remain vigilant and never provide recovery phrases or Private Keys to anyone, even those claiming to be police officers or officials.
This is a serious warning for users to absolutely not disclose wallet information to anyone, as once the recovery phrase is exposed, it cannot be recovered.
Quoted from a North Wales Police representative, August 2025
What information indicates the risk of Private Key and Recovery Phrase leaks as the primary cause of cryptoasset losses?
Directly: According to a report by blockchain security company TRM Labs, over 80% of cryptoasset losses in the first six months of 2025 are related to Private Key or wallet recovery phrase leaks.
In-depth analysis shows that the primary cause remains social engineering attacks, where malicious actors exploit users' lack of understanding or vulnerabilities to collect login information. Additionally, physical attacks like "wrench attacks" have become more common in Europe, increasing the risk of cryptoasset losses. These methods demonstrate the diverse and sophisticated attack forms aimed at investor asset theft.
Notably, France has recorded at least 10 physical attacks related to cryptocurrencies, including kidnappings and ransom demands in cryptoassets, showing impacts not just in technical aspects but also in users' personal security.
What do authorities recommend users do when receiving calls related to cryptoassets?
Directly: North Wales Police emphasize that law enforcement never directly contact the public to request cryptoasset wallet information or Recovery Phrases.
When receiving such calls, users should immediately refuse, hang up, and call the non-emergency number 101 to verify, avoiding asset theft traps. This is a crucial step in protecting personal assets from increasingly sophisticated fraud schemes.
Simultaneously, raising awareness and being cautious of messages or emails requesting login information or recovery phrases is also a decisive factor in safely protecting cryptoassets.
Frequently Asked Questions
1. What is a Recovery Phrase and why should it not be shared with others?
A Recovery Phrase is a keyword chain used to restore a cryptoasset wallet. Providing it to others means granting full access and control of wallet assets.
2. How to recognize fraudulent calls related to cryptoassets?
Calls requesting Recovery Phrase or wallet information, or claiming to be law enforcement without official verification procedures, are fraud indicators.
3. If the recovery phrase has been exposed, what can I do to protect my assets?
Upon discovering a recovery phrase leak, immediately transfer all assets to a new wallet and stop sharing information to limit losses.
4. What methods help protect cryptoassets from physical attacks?
Use Cold Storage, keep wallet information in a safe place, and avoid publicly disclosing personal information related to cryptoassets to reduce risks.
5. What role does security company TRM Labs play in combating cryptoasset crime?
TRM Labs analyzes data and reports attack trends, helping identify and prevent fraud activities related to cryptocurrencies globally.
