Recognizing phishing attempts
Phishing attacks often mimic official platforms and social accounts. Look for small domain differences, unexpected redirects, or requests to sign unusual messages. Never input your seed phrase or private key into a webpage, and be suspicious of “free mint” or “claim now” links promoted on social media without verified proof.
Audit and revoke approvals
Regularly audit your wallet’s token approvals. If you see contracts you don’t recognize, revoke them immediately. Many wallets and third-party dashboards provide approval review tools. Reducing unnecessary approvals significantly reduces exposure to unauthorized transfers.
Lost access — recovery options
Because OpenSea uses self-custodial wallets, account recovery depends on your wallet provider: if you have your seed phrase or hardware wallet, you can restore access. If your device is lost but seed phrase remains safe, create a new device and restore. If seed phrases are lost, unfortunately, there is no centralized recovery—this highlights why safe offline backups are critical.
Post-incident checklist
- Disconnect the wallet from all connected sites.
- Revoke approvals using a secure device.
- Move unaffected assets to a new wallet with a new seed phrase (use a hardware wallet if possible).
- Document transactions and timestamps for reporting.
These steps will help you respond quickly and limit the damage when incidents occur. Proactive approval management and careful handling of your seed phrase are the easiest, most effective defenses.