As cryptocurrency adoption grows, so do the scams. A new phishing scheme is targeting unsuspecting investors through fraudulent token presale websites, including a recently flagged domain: presale-connect.pages.dev.
This site, and others like it, impersonate legitimate crypto projects by promoting fake airdrops and presale opportunities. But instead of offering real tokens, they’re after one thing—your wallet’s seed phrase.
🔍 What Happened?
Victims reported being invited via Telegram channels to join a “limited presale.” The link redirected them to a sleek-looking site hosted on pages.dev, mimicking real launchpads or dApps.
Once connected to a wallet (e.g., MetaMask or Trust Wallet), the site either failed to sync or presented a manual “seed phrase input” prompt. This is the core of the scam: if you type in your seed phrase, your entire crypto wallet can be emptied in seconds.
Warning: No legitimate project will ever ask for your 12- or 24-word seed phrase—especially not on a public website.
🧠 How the Scam Works
-
Impersonation: Scammers clone the look and feel of trusted crypto platforms.
-
Social Engineering: Victims are lured via fake Telegram groups, Twitter comments, or YouTube influencers promising token airdrops or presale bonuses.
-
Wallet Exploitation: If automatic wallet connection fails, the site asks users to “manually sync” by entering their seed phrase.
-
Asset Theft: Once the phrase is submitted, bots immediately drain the wallet.
⚠️ Red Flags to Watch Out For
| Red Flag | What It Means |
|---|---|
*.pages.dev, *.site, or *.store domain names |
Often used by scammers due to free hosting |
| Seed phrase input requested | 100% scam — this is your private key |
| Urgent countdown timers | Used to create FOMO and rush decisions |
| Telegram-only communication | Lacks transparency or verifiable public audit |
| Broken wallet connection | Fake prompt to bait you into manual entry |
🛡 How to Stay Safe
✅ DO:
-
Use only official websites linked from verified Twitter/X, GitHub, or CoinMarketCap pages.
-
Bookmark trusted crypto tools and launchpads—never rely on random links from chat apps.
-
Enable phishing protection in your browser or use crypto-safe browsers like Brave.
-
Use a hardware wallet for large holdings.
❌ NEVER:
-
Type your seed phrase into any website.
-
Trust Telegram admins or random DMs promising free tokens.
-
Click links from YouTube comments, TikTok influencers, or Telegram presale groups.
-
Connect your wallet to unfamiliar or broken dApps.
🧾 What to Do If You Fell Victim
-
Immediately transfer any remaining funds to a secure wallet.
-
Revoke wallet approvals via sites like revoke.cash.
-
Report the incident to the hosting provider (e.g., Google Pages, Netlify).
-
Alert your community to prevent others from falling into the same trap.
👁 Final Thoughts
The Web3 space offers innovation—but also attracts malicious actors. With scams like presale-connect.pages.dev on the rise, staying alert is no longer optional.
When in doubt, pause and verify. No opportunity is worth risking your entire crypto portfolio.
🧷 Quick Reminder:
If a website ever asks for your seed phrase—it’s a scam. Full stop.
