Warning: Over $180 million stolen via this exact scam in October–November 2025 alone.
The New Trick: “Enter Seed Phrase to Update Wallet”
In late October 2025, a new wave of phishing sites appeared that look 100% identical to the official MetaMask popup.
Users see a red banner: “Critical security update required. Enter your recovery phrase to continue using MetaMask.”
The URL? metamask-io.io, metamask-extension.net, metamask-security.com — never the real metamask.io.
Fact: MetaMask will never ask for your seed phrase on a website. Ever. The only time you enter it is during initial wallet creation or hardware restore.
How Victims Get There
Scenario that drained 4,200+ wallets last week:
- You click a fake “Claim $PENDLE airdrop” ad on X (Twitter).
- Site asks to “connect wallet” → fake MetaMask popup opens.
- After connecting, a new tab shows the fake update page.
- Timer countdown: “Update in 2:59 or lose access forever.”
- Victim pastes seed phrase → wallet emptied instantly.
$180M+
stolen Oct–Nov 2025
87 sec
fastest recorded drain
0
official MetaMask popups ask for seed
How to Avoid Falling for It (100% Protection)
- Bookmark the real MetaMask: metamask.io — never Google it
- Use hardware wallet (Ledger/Trezor) — seed never touches browser
- Enable “Seed Phrase Hidden” in MetaMask settings (blurs phrase)
- Install RabbitHole or Wallet Guard extensions — block known phishing domains
- If a site asks for seed phrase → close immediately, it’s 100% scam
Conclusion
In 2025, phishing isn’t about bad spelling anymore. These sites are pixel-perfect.
The only thing they can’t fake: MetaMask will never ask for your seed phrase on a website.
Remember that one rule — and you’re untouchable.
Check Your Seed Phrase for Leaks
It’s free. Takes 30 seconds. Could save your money.