# Phishing Attack

{% hint style="warning" %} <mark style="color:red;">Please read carefully to understand actions that need to be performed to prevent further loss</mark><mark style="color:red;">**.**</mark>
{% endhint %}

{% embed url="<https://www.youtube.com/watch?v=UdaEJPq2mwE>" %}
3 Minutes Guidance After Being Phished
{% endembed %}

## What should I do if my assets are stolen?

**First**, identify the cause and take appropriate measures to prevent further losses.&#x20;

**Second**, attempt to recover the losses through tracking and investigation.  **It is important to note** that recovering losses often requires significant time and effort (and it's nearly impossible to recover funds in most cases), so it is advisable to prioritize minimizing further damage promptly.

**Third**, [read this document](/metasleuth/avoid-being-a-phishing-victim.md) to become aware of phishing attacks and avoid becoming a victim of phishing.&#x20;

## How to avoid further losses?

<mark style="color:red;">If it is a case of private key compromise</mark>, it is recommended to **immediately** transfer the remaining assets from that address to a **secure** wallet on **all relevant blockchains**.&#x20;

<mark style="color:red;">If your passphrase has been leaked</mark>, use a new passphrase to generate new addresses and transfer all remaining assets in the addresses generated by the leaked passphrase to new ones.

<mark style="color:red;">If it is a phishing incident</mark>, use [Approval Diagnosis ](/metasuites/user-security-features/approval-diagnosis.md)to revoke unnecessary approvals immediately to prevent further loss (<mark style="color:red;">**very important!!!**</mark>). Then, use [MetaSleuth](https://metasleuth.io) to track the fund flow and monitor the stolen funds if needed. Report to law enforcement and corresponding crypto exchanges.&#x20;

## Can I recover my losses?

Recovering stolen funds is generally difficult in most cases. Here are some suggestions:

* If you have suffered significant losses, file a report with your local law enforcement agency. You can provide them with a phishing report or fund flow chart generated by [MetaSleuth](https://docs.blocksec.com/metasleuth/introduction) to help them understand the situation you have encountered.
* If you urgently need to recover stolen funds, consider seeking assistance from professional investigation agencies or firms specializing in asset recovery.

{% hint style="danger" %}
DO NOT give sensitive information like your passphrase to anyone claiming they can recover your lost funds. <mark style="color:red;">**DO NOT trust anyone who claims to represent BlockSec to recover your loss.**</mark>&#x20;

See our Twitter thread. <https://twitter.com/MetaSleuth/status/1656144511934791680>
{% endhint %}

## What can I do with MetaSleuth?

MetaSleuth primarily assists you in two ways.

**Firstly, you can use** [**MetaSleuth**](https://metasleuth.io/) **to track stolen funds.** If you discover that the stolen funds have entered centralized exchanges or flash exchanges, you can seek assistance from these platforms and gather evidence (usually with the help of law enforcement) to further the investigation.

**Secondly, you can utilize MetaSleuth's** [**monitoring**](https://metasleuth.io/monitor) **feature** to continuously monitor the stolen funds, enabling you to stay informed about the movement of funds and follow up on any leads.

Here are some contact information for exchanges (updating):

* Binance
  * [Binance Court Orders Portal (For Freezing/Disclosure Orders) ](https://www.binance.com/en/binance-legal)
  * [Government Law Enforcement Request System](https://www.binance.com/en/support/law-enforcement)
* [Coinbase](https://help.coinbase.com/en/coinbase/other-topics/legal-policies/who-do-i-contact-for-a-subpoena-request-or-dispute-or-to-send-a-legal-document)
* OKX: [Law Enforcement Request Guide](https://www.okx.com/support/hc/en-us/articles/360021858931-Law-Enforcement-Request-Guide)
* Bitfinex: [Bitfinex Law Enforcement Requests Policy](https://www.bitfinex.com/legal/general/law-enforcement-requests-policy)
* Crypto.com: [How can Law Enforcement Agencies get in touch with Crypto.com](https://help.crypto.com/en/articles/1360625-how-can-law-enforcement-agencies-get-in-touch-with-crypto-com)
* Huobi: [How to Contact Customer Service](https://www.huobi.com/support/en-us/detail/360000674851)
* Kucoin: [Law Enforcement Request Guidelines](https://www.kucoin.com/zh-hant/news/law-enforcement-request-guidelines)
* Fixedfloat: <info@fixedfloat.com>
* ChangeNow: <compliance@changenow.io>
* StealthEX: <support@stealthex.io>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.blocksec.com/metasleuth/phishing-attack.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.