Someone messaged me in a forum group about a token I own, asking how to start a token on the blockchain along with a few other questions. After chatting back and forth, they offered to pay me upfront for my help.
I thought they must be a scammer, but I was curious about their plan since they wanted to send money first. So I decided to keep the conversation going.
They told me they couldn’t send the money to my wallet address because they had been scammed before by trusting people too quickly. Instead, they asked me to set up a new wallet and share the new recovery phrase with them, promising to load it with funds.
We all know that the recovery phrase is private and should never be shared, so I directly confronted them and asked why they were lying and how the scam worked. Surprisingly, they cooperated and shared the details.
It turns out when you create a new recovery phrase in a wallet app like Phantom or MetaMask, scammers can use that phrase to access not only the new wallet but also all other wallets you have on that app, allowing them to steal your money.
I really hope this post helps others avoid falling for scams like this.
One seed phrase has no ties to another even if generated by the same wallet in a row. This just isn’t true.
The scammer wants you to make a new wallet, not a new seed phrase. Then they want you to supply the seed for that new wallet which will also be the seed for your other wallets.
@Sia
I see it as a slight of hand trick, simple yet effective… easy to confuse someone by focusing attention on the wallet. A new seed phrase you create for a new wallet is also the new phrase for all wallets in your MetaMask.
@chloesuge
I think the real issue is poor wallet design that doesn’t make it clear that new accounts use the same seed, just a different derivation path.
Even tech savvy users might not remember their seed phrase they backed up, so they don’t connect it with the existing seed.
Just adding a note saying do not share your seed would be a simple step in wallet design. And always use multi-signature schemes when multiple people need wallet access.
If you’d like to create and manage multiple MetaMask accounts, you could do so simply by adding more accounts. Each of these is associated with the same Secret Recovery Phrase: think of your wallet as holding one or more accounts.
Can you read it yourself?
Only way to get another seed is to use a different browser profile or device.
I wasn’t discussing MetaMask. Other wallets like Bitget and OKC can load different seeds onto a single wallet.
Can you read it to yourself?
Only way to have a different seed is to use another browser profile or device.
You’re clearly lacking reading skills since I NEVER said MetaMask can load multiple seed phrases. Accounts aren’t the same as seed phrases. Please read the docs.
Jace said: @Sia
How can they access your money if no seed is shared?
They can’t. The entire scam is about tricking you into giving up your seed phrase.
I lost funds without giving them my phrase. So they must have done something. Could they have seen my screen when I typed it in? Sorry, not the OP but my experience is similar and I’m still trying to understand what happened.
Edit. OP
@Jace
Your phone or computer was likely compromised already. You should consider them to be at risk and switch to a hardware wallet. Avoid typing your seed on your phone or computer, or reset both back to factory settings.