If you've received an email that appears to be from OpenSea but seems suspicious, it is likely a phishing scam. These emails often mimic legitimate offer alerts or account warnings to trick you into connecting your wallet to a malicious site that can drain your assets.
Types of Scam Emails
- Fake Offer Alerts: Informs you of a high bid on your NFT with a "Review Offer" button that leads to a fraudulent site.
- Transaction Errors: Claims a purchase failed or your account has "insufficient gas," requiring you to add funds.
- Urgent Account Verification: Prompts you to "migrate" your listings or verify your wallet due to a security update.
- Fake Token Airdrops: Tells you that you have rewards or $SEA tokens waiting to be claimed.
Verify a Real Email
OpenSea has specific security markers to help you distinguish real communications from fakes:
- Sender Domain: Official emails ONLY come from the
opensea.io domain. Support replies come specifically from support@help.opensea.io. - Verification Marks: Look for a blue checkmark in Gmail or a "Digitally Certified" badge in Apple Mail.
- No Attachments: Authentic OpenSea emails never include attachments or requests to download software.
- No Direct Signatures: They will never include a link that directly prompts you to sign a wallet transaction.
Safe Practices
- Don't Click Links: Instead of using buttons in an email, navigate directly to OpenSea.io in your browser to check for offers or notifications.
- Inspect Hover Links: If you must check, hover your mouse over the button to see the destination URL. Scammers often use look-alike domains like
opennseaa.com or com-marketplace.io. - Check Your Profile: Genuine offers will always appear in the "Offers" tab of your OpenSea Profile.
- Report the Phish: You can report suspicious emails through the OpenSea Help Center or directly to your email provider.