Scam Message Checker

Your crypto wallet was drained

If your wallet was emptied after a 'connect wallet', signature, or seed-phrase request, act fast: move any remaining assets to a brand-new wallet, revoke token approvals, and report it. Crypto transfers are usually irreversible, so the priority is protecting what's left and stopping further losses.

Quick answer

If your wallet was emptied after a 'connect wallet', signature, or seed-phrase request, act fast: move any remaining assets to a brand-new wallet, revoke token approvals, and report it. Crypto transfers are usually irreversible, so the priority is protecting what's left and stopping further losses.

  • Stop interacting with the site or app that triggered it.
  • Create a new wallet and transfer remaining assets to it.
  • Note the transaction hashes of the unauthorised transfers.
Most urgent

Do this now

  1. Move any remaining funds to a new wallet you create on a clean device.
  2. Revoke token approvals/permissions you granted to unknown sites.
  3. Treat the drained wallet and its seed phrase as permanently compromised.

Understanding what happened

A drained wallet is painful because crypto transfers are usually irreversible - but acting fast still protects what's left. The priority is moving any remaining assets to a brand-new wallet and cutting off the permissions that allowed the drain, rather than chasing the funds that already moved.

Most drains happen one of two ways: you entered your seed phrase somewhere, or you 'connected' your wallet and signed a transaction that approved transfers out. Both hand control to an attacker, which is why no legitimate site or 'support agent' ever needs your recovery phrase or a blind signature.

Because the blockchain is public, you can document exactly what happened - the transaction hashes, the addresses involved, and the site or message that triggered it. That record is what an exchange needs if the funds reach them (they can sometimes freeze) and what authorities use to investigate.

Assume the compromised wallet is gone for good and stop using it; create a fresh one on a clean device and be ready for the inevitable 'recovery service' that promises to retrieve drained crypto for a fee. That offer is always a second scam preying on the loss.

First 5 minutes

  1. Stop interacting with the site or app that triggered it.
  2. Create a new wallet and transfer remaining assets to it.
  3. Note the transaction hashes of the unauthorised transfers.

First 24 hours

  1. Revoke approvals using a reputable approval-checker tool.
  2. Report to the exchange if funds moved to one; they may freeze them.
  3. File a report with your national cybercrime authority with the tx hashes.

Next 7 days

  1. Stop using the compromised wallet entirely.
  2. Review which sites/contracts you'd approved and remove the rest.
  3. Be alert for 'recovery' scammers targeting you next.

What not to do

  • Do not enter your seed phrase anywhere to 'restore' or 'recover'.
  • Do not pay a 'recovery service' promising to retrieve drained funds.
  • Do not keep using the compromised wallet.

Evidence to save

  • The transaction hashes of the unauthorised transfers.
  • The site/app or message that triggered the drain.
  • Wallet addresses involved (yours and the destination).

How to save scam evidence →

How to report

  1. Gather your evidence first (screenshots, dates, amounts, any reference numbers).
  2. Report to your national fraud/cybercrime body and, if money moved, to your bank.
  3. Find the right official links for your country in the reporting directory.

Find official reporting links for your country in the reporting directory.

  • Do not use phone numbers or links from the suspicious message - look up the official ones yourself.
  • Report quickly if money was sent or ID documents were shared; speed improves your options.
  • Keep your evidence - see how to save scam evidence.

Beware 'recovery' offers afterwards: anyone who contacts you promising to get your money back for an upfront fee is running a second scam.

Stop it happening again

Keep a hardware wallet for anything valuable, never type your seed phrase into a website, and review token approvals periodically, revoking ones you don't recognise.

Be sceptical of surprise airdrops, 'wallet validation', and urgent mint links - these are the most common drain triggers.

Related scam types

Related red flags

Related terms

This is general safety information, not legal, financial, or cybersecurity incident-response advice.

Still have the message?

Check it to understand the red flags and how to report it.

Check a message

Frequently asked questions

Can I reverse the transfer?

Crypto transfers are usually irreversible. The priority is protecting remaining funds and reporting; exchanges can sometimes freeze funds if you're fast.

Will a recovery service help?

Almost never. Upfront-fee recovery offers are a common follow-up scam. Report through official channels instead.

Can the transaction be reversed?

Crypto transfers are generally irreversible. Focus on protecting remaining funds and reporting; if funds reached an exchange, report quickly as they can sometimes freeze them.

Get scam safety updates

Practical scam alerts, new examples, and simple safety tips. No spam. No sensitive message data.

We only collect your email address, optional name, consent status, signup page, and signup time. See our privacy policy.