Bitcoin.com is aware that fraudulent emails were recently sent through our third-party email service by an unauthorized party. We identified the breach, revoked access, secured our systems, and directly contacted Bitcoin.com users who were affected. All user funds are safe.
What happened
An attacker unlawfully gained access to our email service and used it to send phishing emails impersonating Bitcoin.com. These emails falsely claim that Bitcoin.com is merging with companies such as Trust Wallet or Gemini and ask recipients to migrate their accounts. They use high-pressure tactics including fake airdrop offers to create urgency. These claims are entirely false. Bitcoin.com has not merged with any company. No user accounts are being migrated. Bitcoin.com will never ask for seed phrases, private keys, or offer unsolicited airdrops requiring account migration.
The attacker is targeting a set of leaked email addresses, and we have identified Bitcoin.com users who were included and have notified them.
What we’re doing
We have contacted the Bitcoin.com users who were directly affected. We have revoked the attacker’s access and secured our email infrastructure. We are working with third-party security firms to investigate the full scope of this incident and prevent future occurrences. We will continue to provide updates as our investigation progresses.
User funds are safe
Bitcoin.com is a self-custodial wallet. User private keys are stored locally on each user’s device and were not affected by this incident. No wallet infrastructure was compromised.
What to do if you receive one of these emails
Do not click any links in emails claiming Bitcoin.com is merging, migrating accounts, or offering airdrops. Do not enter your seed phrase or private keys anywhere, for any reason. Be cautious of any unsolicited crypto emails using urgent language or airdrop incentives. If you have already clicked a link or shared your recovery phrase, move your funds to a new wallet immediately and contact our support team at support.bitcoin.com.
The attacker may continue contacting people through other means. Please remain vigilant.
General security best practices
This is a good reminder to review your personal security habits. Here are some steps every crypto user should take:
Protect your recovery phrase. Your 12-word recovery phrase is the master key to your funds. Write it down physically and store it somewhere secure — never digitally, never in screenshots, and never shared with anyone. Learn more: Do not share your 12-word recovery phrases.
Enable app security features. Turn on App Lock and spending authentication in your Bitcoin.com Wallet settings. This adds a layer of protection even if someone gains physical access to your device. Learn more: Bitcoin.com Wallet app security features
Know how to spot scams. Be skeptical of unsolicited messages — whether by email, social media, or messaging apps — that ask you to send crypto, click links, or share personal information. Learn more: Bitcoin scams
Check if your email has been compromised. If your email address has appeared in known data breaches, you may be a target for phishing.
For a full overview of how to keep your crypto safe, see our guide: Cryptocurrency security.
Bitcoin.com will never ask users for their private keys or recovery phrases.
The Bitcoin.com Team
Unauthorized Emails Impersonating Bitcoin.com was originally published in Bitcoin.com on Medium, where people are continuing the conversation by highlighting and responding to this story.
