Simple Tips to Protect Yourself from Phishing, Impersonators, and Too-Good-To-Be-True Crypto Offers
In the world of crypto, staying in control of your assets means staying alert. Scams can take many forms like fake support reps, phishing emails, giveaway schemes, and more—and they often look more convincing than you’d expect. In this guide, we’ll walk you through common red flags and simple, practical steps you can take to spot a scam before it puts your funds at risk.At Casa, your security is our top priority. To protect your funds and personal information, we have a strict policy: we will never call you by phone.
Why Casa Will Never Call you by Phone
Phone-based scams and impersonation attempts are a growing threat in the crypto space. By removing phone calls from our communication channels, we eliminate a major avenue for social engineering attacks.
How We Communicate Securely
-
No Phone Calls
Casa team members will never initiate a phone call to you. If you receive an unexpected call claiming to be from Casa, it's a scam, hang up immediately and report it to us. We’ll also never ask you to call us. All communications are made through our secure video calls or via our official email, help@team.casa. -
Video Calls by Request Only
If you ever need to speak with a Casa advisor, we’re happy to meet with you via secure video call (Google Meets). All calls must be booked by you using the official Casa calendar link we provide. -
App-Based Identity Verification (for Premium and Private Client Members)
Before discussing anything sensitive, we’ll ask you to verify your identity using a one-time code from your Casa App. This helps ensure that only you can access your account.
Verification is a two-way street, always ask your Casa Advisor for their verification code as well. You’ll see this code in your app, confirming that you’re speaking with a legitimate Casa team member.
See: Enhanced Account Security: Verification Codes
If you see or receive anything that seems suspicious, please don’t click on anything or take any action, reach out to us first at help@team.casa. We're here to help verify and keep your account safe.
Identifying Phishing Attempts
Urgent or Threatening Language:
Phishing messages often create panic to push you into quick action, like "Your account will be locked in 24 hours" or "Unauthorized login detected"
Unfamiliar or Slightly Misspelled Email Addresses & Domains:
Scammers often use email addresses or URLs that look almost right (e.g., help@team.casa instead of help@team.csa).
Unexpected Requests for Private Info:
Legitimate companies will never ask you to share your:
-
Private keys
-
Seed phrase
-
2FA code
-
Password
Fake Customer Support Accounts:
Phishing often starts with fake support reps on social media, email, or messaging apps. Casa never initiates contact through unsolicited DMs or phone calls.
Suspicious Links or Attachments:
Links may lead to a fake website that looks just like the real one. Always check the full URL before clicking. Avoid downloading attachments from unknown senders.
Too-Good-To-Be-True Offers:
“If you send 0.1 BTC, you’ll get 1 BTC back!”—this is a classic giveaway scam. If it sounds too good to be true, it is.
Poor Grammar or Formatting:
Many phishing messages have awkward language, typos, or inconsistent formatting—a sign they were mass-produced.
Best Practice:
If you receive any communication that appears even slightly suspicious—whether by email, phone call, or text message—do not click on any links or engage with the sender. These could be phishing attempts or contain malicious content.
Instead, contact the company directly using a verified communication channel (such as the official website or support email) to confirm whether the message is legitimate. To help expedite verification, we recommend including screenshots of the suspicious message when you reach out.
Examples:
Example of a sophisticated phishing email impersonating Casa
Example phishing email