FAQ: I got scammed or hacked

Q: I have been phished, scammed, or hacked. Can you help?

A: Unfortunately, there is no way for us to assist. Cosmostation operates as a user-controlled wallet, which means we do not have access to your mnemonic (seed phrase). If compromised, the only recourse is to create a new wallet and transfer any remaining assets to it.

Q: What should I do if I fall victim to phishing, scams, or hacking?

A: If you have provided your mnemonic phrase or private key, or entered it on a phishing site, it is crucial to immediately cease using all wallets derived from that mnemonic and create a new wallet to transfer any remaining assets. A hacked wallet is no longer secure.

Q: What steps should I take to prevent phishing, scams, and hacking?

A: Always be cautious and keep your seed phrases and private keys secure. Never trust any individual or website asking for your seed phrase.

Never share your mnemonic phrase. Do not trust anyone asking for your seed phrase under any circumstances.
Do not enter your seed phrase on any website. Cosmostation support will never ask for your seed phrase.
Use secure wallets. Stop using compromised wallets and create new ones.
Always keep the security of your devices up-to-date.
If you notice suspicious activity, do not engage and report it immediately.

Q: I don't know how I was hacked. What are some common methods?

A: There are many ways scammers operate, but here are a few common methods:

Social engineering attacks: Scammers impersonating Cosmostation team members may ask for your mnemonic (seed phrase) via communication channels such as Twitter, Telegram, or Discord.
Phishing sites or fake applications: Users log into fake websites or apps that look legitimate and enter their mnemonic phrase.
Exposure through Google Photos or cloud services: If users screenshot their mnemonic and store it on cloud services like Google Photos, and then their cloud account gets hacked. If the email is compromised, the linked cloud storage can be accessed, so special care is needed when storing sensitive information in the cloud.
Malware: If keyloggers, clipboard hijackers, or malicious browser extensions installed on a user's computer or mobile device become active, they can record keystrokes or alter the contents of the clipboard.
Unauthorized access to mnemonic: If a user stores their mnemonic in a note or digital file and it is discovered or accessed by someone else.

All transactions made on the blockchain are irreversible, so it is imperative to handle private keys and mnemonics with extreme care. Always stay vigilant, report any suspicious activity immediately, and take appropriate security measures when necessary.