Skip to main content

How to Protect Your Assets from Impersonation Scams and Phishing

This document introduces the types of impersonation and phishing scams that can occur while using the D’CENT Wallet, and provides basic security guidelines to protect your assets and steps to take if you suspect a scam.

- D’CENT Wallet is a non-custodial wallet, meaning your recovery words (mnemonic phrase) and private key are stored only on your device, not on a server.

- Be aware of scams involving fake customer support or employees via phone, messaging apps, social media, or email, as well as phishing websites/accounts, malicious links, and unauthorized DApp signature (Approve) requests.

- D’CENT will never ask for your recovery words, private key, PIN, app password, or fingerprint information, and will never contact you first via Telegram or social media DMs.

D’CENT Wallet is a non-custodial wallet, which means your recovery words (mnemonic code) and private keys are generated and stored only on your device, not on D’CENT servers.

In addition, the biometric wallet is not directly connected to the network, making it highly resistant to hacking attempts.

However, real cases of asset loss have occurred due to recovery word exposure, impersonation scams, phishing links, and misuse of token approvals, often caused by user negligence or social engineering attacks.

Based on actual cases reported to the D’CENT Support Center, we outline the most common scam types and how to prevent them below.

[Common Impersonation and Phishing Scam Types Reported So Far]

  1. Fake Customer Support Phone Calls
    • Users contact a non-official phone number found via online search while trying to reach D’CENT Support
    • Scammers claim “your wallet is frozen” or “a security check is required” to create urgency
    • Users are directed to a specific website under the pretense of “wallet recovery” or “issue resolution”
    • The site requests entry of recovery words (mnemonic code) or transaction signing
  2. Impersonation of Employees (Developers / Support Staff)
    • Scammers pretend to be “D’CENT developers” or “D’CENT support staff” via Telegram or messaging apps
    • They approach users claiming to “help recover assets” or “provide technical support”
    • During the conversation, they request wallet information, recovery words, private keys, or ask users to install specific apps or visit certain websites
  3. Social Media Account Impersonation (X, Telegram, etc.)
    • Fake accounts impersonating “D’CENT Team” or “D’CENT Support” on X (formerly Twitter), Telegram, and other platforms
    • Phishing links shared via posts or direct messages (DMs)
    • Users are lured with messages such as “airdrop available,” “issue resolution,” or “mandatory update,” leading to recovery word input or signing requests
  4. Fake D’CENT Website (Phishing Sites)
    • Phishing websites that closely copy the official D’CENT website
    • URLs may look similar but contain subtle differences in domain spelling, subdomains, or paths
    • Users are prompted to “connect wallet,” “recover assets,” or “complete a security check,” resulting in theft of recovery words, private keys, or signatures
  5. Phishing Emails Impersonating D’CENT
    • Mass emails sent with subjects such as “Portfolio backup failed” or “Security check required”
    • Emails urge users to click a phishing link for “manual backup” or “security verification”
    • The linked site requests recovery word input or asks users to download and run files

[D’CENT Will Never Make the Following Requests]

Official D’CENT Support and employees will never:

  • Ask for your 24 recovery words (mnemonic code), private key, or wallet PIN
  • Ask you to visit external websites or sign transactions under the pretense of wallet recovery or issue resolution
  • Force you to sign transactions (Approve, etc.) on specific DApps
  • Contact you first via phone, email, social media, or direct messages claiming that “an issue has been detected” or that “recovery is required”
  • Provide technical support via messaging apps such as Telegram
    (D’CENT does not operate a Telegram customer support channel)

If you receive any of the above requests, treat them as impersonation scams and do not provide any information.

[Remember: D’CENT Is a Wallet Where You Protect Your Own Assets]

D’CENT is a non-custodial wallet, meaning users are fully responsible for managing and securing their assets.

Please strictly follow these security guidelines:

  1. Recovery words (mnemonic code) are the key to your assets.
    • Never share them with anyone.
    • Never store them digitally (photos, notes apps, cloud storage, email, etc.).
  2. Never share your PIN, biometric data, or app password.
    • Do not register or expose them on any device other than your own.
  3. Use D’CENT only via the official website and official apps.
    • Download apps only from official app stores.
    • Avoid clicking sponsored links, shortened URLs, or unknown links in search results.
  4. If you have connected your wallet to a suspicious DApp or approved permissions. 
  5. D’CENT Support responds only via official email or the 1:1 inquiry.
  6. D’CENT does not operate a Telegram channel and will never contact users first via phone calls, emails, or social media DMs (X, Telegram, etc.).

[If You Suspect Fraud, Take Action Immediately]

  1. Move your assets immediately to a new, secure wallet address
  2. Report the incident to local law enforcement or a cybercrime unit
  3. Contact D’CENT Support via a 1:1 inquiry
    1:1 inquiry

If you believe your assets may already have been compromised, please also refer to the following article for additional steps:

I think my wallet has been hacked. There was a transaction I didn't approve. All of my coins are suddenly gone.

[Official Channels]

※ D’CENT does not operate a Telegram channel and will never contact you first via direct messages.

※ Phone support is available only for users in Korea.
Users outside of Korea should contact us via 1:1 inquiry or email.