Phishing and scam attempts targeting BitBox users have become increasingly sophisticated. Fraudulent emails, fake websites, phone calls, and impersonation messages are designed to look professional and trustworthy — but their goal is always the same: to trick you into revealing sensitive information or recovery words.

This guide explains how to recognize phishing attempts, avoid common scam tactics, and understand what to do if you encounter a suspicious message, call, or website claiming to be related to BitBox.


The most important rule to protect your funds

If you remember only one thing, remember this:

Never enter your wallet backup (your recovery words) anywhere except directly on your BitBox02 hardware wallet.

 

BitBox will never ask for your recovery words — not by email, not by website, not by app, not by phone, and not by support staff.

Any message, website, or call requesting your recovery words is a scam.
Entering them anywhere else immediately puts your funds at risk.

 

Additionally, never unlock your BitBox02 when it is connected to an untrusted or suspicious application.

Only connect and unlock your BitBox02 using:

  • The official BitBoxApp
  • Trusted, well-known wallet software you intentionally installed

If an application, website, or message asks you to connect your BitBox02 and unlock it to “verify”, “secure”, or “restore” your wallet, treat this as suspicious.

Unlocking your BitBox02 while it is connected to a malicious application can put your funds at risk — even if you never share your recovery words.

 

Common phishing and scam tactics impersonating BitBox

Scammers repeatedly reuse the same techniques. Being familiar with these patterns makes them much easier to identify.

Urgent security warnings

Messages or calls claiming things like:

  • “Unusual activity detected”
  • “Your wallet is in danger”
  • “Immediate action required”
  • “Your funds will be frozen”

These are designed to create panic and pressure you into acting quickly.

BitBox does not send urgent security alerts that require immediate action via email, phone calls, or messages.

 

Requests to “verify”, “sync”, or “restore” your wallet

Scam websites or callers may claim you must:

  • Verify ownership
  • Sync your wallet
  • Restore access
  • Complete a security check

These actions almost always lead to a request for your recovery words.

There is no legitimate reason to ever enter or speak recovery words.
This is always malicious.

 

Fake websites that look almost identical

Phishing websites often copy:

  • Layout, logos, and colors
  • Text from official pages
  • Product images

The difference is usually the domain name, not the design.


Suspicious attachments or downloads

Some phishing emails include:

  • PDF invoices
  • ZIP files
  • “Security updates”
  • Unexpected order confirmations

BitBox does not send unsolicited attachments asking you to open or install software.

Do not open unexpected attachments, even if the email appears professional.

 

Clear warning signs of phishing attempts

Before clicking, responding, or engaging, check for these red flags:

  • Sender or caller feels rushed or threatening
    Pressure, deadlines, or fear-based language
  • Unexpected contact
    Especially if you did not initiate the conversation
  • Links that do not clearly lead to BitBox
    Hover over links before clicking. If unsure, open a new browser tab and type the address manually.
  • Requests for sensitive information
    Recovery words, PINs, passwords, or screenshots are never requested by BitBox.

Why you may receive phishing emails or calls

Receiving a phishing message or call does not mean your BitBox, wallet, or device has been compromised.

Phishing campaigns are typically sent in bulk using publicly available contact data, information from unrelated third-party breaches, or random dialing and messaging attempts.
Attackers usually do not know whether you actually own a BitBox.

 

For background on scam emails and how to identify them, see:


What BitBox will never do

Knowing what is guaranteed not to happen makes scams easier to spot:

  • BitBox will never ask for recovery words
  • BitBox will never request PINs or passwords
  • BitBox will never ask you to verify or sync wallets online
  • BitBox does not have access to wallets, balances, or devices
  • BitBox will never contact you first by phone
  • BitBox will never send you unsolicited direct messages on Telegram, social media, or forums

If someone contacts you first and claims to be BitBox support, this is not legitimate.

 

Official and controlled BitBox domains

While phishing awareness goes beyond domain checking, verifying the website address is still an important step.

BitBox controls the following domains:

Domain                     Purpose
bitbox.swiss               Main website
shop.bitbox.swiss          Online shop
support.bitbox.swiss       Knowledge base
blog.bitbox.swiss          Official blog
contact.bitbox.swiss       Contact form
shiftcrypto.support        Support site
shiftcrypto.io             Redirect
digitalbitbox.com          Redirect
shiftcrypto.org            Redirect
shiftcryptosecurity.ch     Redirect
shiftcryptosecurity.com    Redirect
shiftdevices.com           Redirect

If a website looks like BitBox but uses a different domain, treat it as suspicious.

All official domains use HTTPS encryption. Your browser should show a lock icon in the address bar.
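
The domain check described above, written out as an added example (this is not BitBox's own code). It parses a link the way a browser does and compares the real host with the domains listed on this page. The helper name classifyLink, the exact-host matching rule, and the sample links are assumptions made for illustration.

```javascript
// Hosts listed on this page as controlled by BitBox.
const BITBOX_HOSTS = new Set([
  "bitbox.swiss", "shop.bitbox.swiss", "support.bitbox.swiss",
  "blog.bitbox.swiss", "contact.bitbox.swiss", "shiftcrypto.support",
  "shiftcrypto.io", "digitalbitbox.com", "shiftcrypto.org",
  "shiftcryptosecurity.ch", "shiftcryptosecurity.com", "shiftdevices.com",
]);

// classifyLink is a hypothetical helper name. It parses the link the way a
// browser does and compares the real host against the list above.
// Assumption: exact host match only; a host not on the list is not trusted.
function classifyLink(link) {
  let url;
  try {
    url = new URL(link);
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not HTTPS" };
  }
  if (url.username || url.password) {
    // In https://bitbox.swiss@other.example/ the host is other.example.
    return { ok: false, reason: "text before @ is not the host" };
  }
  // URL lowercases the host and converts non-ASCII labels to xn-- form.
  const host = url.hostname.replace(/\.$/, "");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, host, reason: "internationalized (xn--) label" };
  }
  return BITBOX_HOSTS.has(host)
    ? { ok: true, host, reason: "host is on the published list" }
    : { ok: false, host, reason: "host is not on the published list" };
}

// Constructed sample links; the .example hosts are placeholders.
const SAMPLES = [
  "https://contact.bitbox.swiss/de/contact/",
  "https://bitbox.swiss.wallet-check.example/restore",
  "https://bitbox.swiss@wallet-check.example/",
  "https://bitb\u00f3x.swiss/",
  "http://shop.bitbox.swiss/",
];
for (const link of SAMPLES) {
  const r = classifyLink(link);
  console.log(r.ok ? "listed  " : "SUSPECT ", link, "-", r.reason);
}
```

A "listed" result only confirms the host name; a page on a listed domain still never needs your recovery words.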


What to do if you encounter a phishing attempt

If you only received the message or call

  • Do not click any links
  • Do not open attachments
  • Do not engage or respond
  • Ignore or delete the message

If you opened the website but did not enter any information

  • Close the website immediately
  • Do not revisit it
  • No further action is usually required

If you entered recovery words

Your funds are at risk.
Move your assets immediately to a new wallet using a fresh recovery phrase.
Do not reuse the compromised backup.

 

Reporting phishing attempts (optional)

You do not need to report phishing attempts if you are confident and did not interact with them.

If you are unsure, or would like us to review a message, website, or call, you can contact us and include the details you received:

https://contact.bitbox.swiss/de/contact/ 

Do not reply to scammers or continue interacting with them.

 

Frequently asked questions

A website or caller asks me to enter or speak my 24 recovery words to “secure” my wallet. Is this legitimate?

No. This is always a scam. Recovery words must only ever be entered directly on your BitBox02 device.


How did scammers get my email address or phone number?

Phishing campaigns often rely on public data or unrelated third-party data leaks. This does not indicate a compromise of your BitBox or wallet.


We communicate transparently about security-relevant incidents.
You can find our public explanations here:

At no point were wallet data, recovery words, or device information exposed.


How can I report a phishing website, message, or call?

If you are unsure or want confirmation, contact us and share the details: https://contact.bitbox.swiss/de/contact/