While phishing scams come in many forms, the most common scenario occurs when a client uses a search engine to search the word “Kraken”, clicks on the first link they see and unknowingly enters their sign-in credentials into a fraudulent site pretending to be the actual Kraken website. These sites will often look almost identical to the official Kraken site, the most telling difference being that the URL (website address) is noticeably different from the official URL, www.kraken.com/sign-in.
Another method of phishing occurs when you receive an unsolicited email or text that asks you to click a link or sign-in to your account. This could be a scammer impersonating Kraken or another exchange or wallet provider. The links will lead to a website that looks almost identical to the actual exchange or wallet.
These links are malicious and will request that you enter your username and password or, in the case of a wallet, your 12 or 24 word seed phrase. Any information that you input will be recorded, sent to scammers, and be used against you to gain access to your accounts and steal your crypto.
It is important to be very careful and practice good habits to avoid falling victim to these scams.
How to protect yourself:
- Bookmark www.kraken.com/sign-in to avoid using search engines to navigate to our site.
- Check the URL of the website you’re visiting to ensure it is the actual site. Ask yourself if the name of the business is spelled correctly.
- Ensure the website’s URL begins with “https“.
- Look for the closed lock icon 🔒 in the address bar.
- Never click on the link found inside the email or text.
- Never disclose your 12 or 24 wallet seed phrase online.
- Bookmark the legitimate websites you visit often.
We will never...
- ask you for your username. Keep your username secret!
- ask you for your passwords. Never give out your passwords to anyone who asks.
- ask you to remove or change your security settings.
- request access to your devices via remote desktop access software.
- Always navigate to Kraken by either bookmarking or manually typing www.kraken.com in your browser's address bar.
- Never click on links or search results that look like kraken.com.
- Triple-check that your are entering your sign-in credentials on www.kraken.com and no other website that may look similar.
- To contact Kraken Support, always bookmark or navigate to the website manually by typing support.kraken.com into your browser's address bar. Never give out any information about your account unless you opened a ticket via this method.
- If you receive a Kraken Support email from any other address besides email@example.com, please delete it and do not click on any links that may be provided, as they are not legitimately from Kraken Support and should not be trusted.
- Note that our marketing emails are sent via the domain @marketing.kraken.com and can be considered safe if you receive them in your inbox.
- Be aware of man-in-the-middle attacks in which an attacker intercepts emails from one party and relays them with certain amendments to the other party who both believe they are communicating with each other directly. Adding PGP to your email is a good way to prevent this.
Note: We strongly recommend setting up an email account that you only use for Kraken.
- Kraken's phone support is now offering both outbound and *inbound service. More phone support options means there will likely be more phone scammers trying to take advantage of unsuspecting clients.
- Kraken's outbound phone support means you can request us to call you. We will never call you unless you contact us first and request a callback. Additionally, you will receive an email from us confirming a specified time.
- Kraken's inbound phone support means you can call us. Do not use search engines to locate our support phone number or the Kraken website. We recommend you bookmark support.kraken.com and only use this link to navigate to our phone number, which will be found at the bottom of the page on our support center.
- If you accidentally called or receive a call from a scam number, please create a support ticket and let us know as many details as possible regarding the call.
*We are currently in our beta testing phase for our inbound phone support which means this service is only being offered to a select amount of clients.
- Our social media team only provides general support and an option to escalate your ticket using an online form.
- If someone claiming to work for Kraken contacts you on social media, never give them any information besides the ticket number of your issue.
Click here for more info on how to report a phishing incident.