MyEtherWallet users are being targeted by a phishing email scam, according to the official MyEtherWallet Twitter account. The email asks users to send their private keys to a third party email address to avoid having their wallet data compromised.

MyEtherWallet is one of the most popular wallets for Ethereum (ETH) and ERC20 tokens. Users who have fallen victim to the phishing attack risk losing their crypto holdings. If users divulge their private keys to the hackers through the phishing scheme, it could put their crypto holdings at risk of theft.

The phishing email is slightly smarter than your average phishing email. The email details a supposed security breach that occurred in January 2019. The email is designed to look like it has come from the official MyEtherWallet development team, which advises users to sign into their wallets and change their information to avoid having that information compromised.

Users, if they proceed through the email, then enter their private key or seed phrase.

As soon as you enter your private key or seed phrase, your cryptocurrency holdings can be seized by the hackers.

The MyEtherWallet team is encouraging users to stay vigilant over security. On Twitter, the MEW team alerted users to the phishing email. Their tweet also contained a screenshot of the email in question.

Attention #MEWfam, There's another phishy email going around asking users to give up personal information. Don't believe the hype! #1. We will never email you first (only reply to support).

#2. We will never ask for your private key (or other sensitive info).

#3. Be skeptical! pic.twitter.com/654TLIt5ar — MyEtherWallet.com (@myetherwallet) February 4, 2019

“There’s another phishy email going around asking users to give up personal information,” explained the MEW team. “Don’t believe the hype.”

The MEW team also reminded users that they will never email you first and never ask for your private keys or other sensitive information. The only time you would receive a specific support request email from MEW is if you file a support request.

How the Email is Fooling MyEtherWallet Users

The email isn’t your traditional phishing email. It’s clever and well-written enough to fool users – although there are still plenty of red flags that make it clear you’re dealing with a scam.

“As security as a primary concern of ours, we want to make sure you are aware of a recent data compromise that have affected your MyEtherWallet with the following Ethereum address: [YOUR ADDRESS],” begins the email.

The data compromise, of course, never actually occurred. Your MyEtherWallet data is fine. However, the rest of the email is dedicated to convincing you that you are a victim of the data leak:

“MyEtherWallet’s Google Domain Name System registration servers were hijacked during January 2019 which resulted in a large-scale man-in-the-middle attack,” adds the email. “MyEtherWallet itself didn’t get compromised. Instead, they attacked the infrastructure of MyEtherWallet, intercepting DNS requests for MyEtherWallet to their own server address. Although the issue has been resolved, we urge our users to take precautions.”

The email adds that any users who received the email can assume they were affected by the leak. Affected users are encouraged to download their wallet’s private key before replying to the email, at which point the support team will be in contact. We presume the support team will tell users to.

The email is slightly better than the average phishing email, which are often riddled with grammatical errors and spelling mistakes. However, there are plenty of errors and red flags. It also seems unusual that the final step requested by the scammers is to “reply to this mail” and receive specific instructions from the MyEtherWallet team.

Phishing Attacks Are Common in the Crypto World

This isn’t the first time crypto users have been targeted by a major phishing attack. Last year, LocalBitcoins users were targeted en masse to visit a compromised LocalBitcoins forum where they entered their username and password. A number of users were compromised by the attack, and LocalBitcoins was forced to temporarily disable its compromised forum. It’s believed that users collectively lost $28,000 in that attack.

Ultimately, you should never give your private key to anyone – even if you receive an email with some clever social engineering tactics.