Phishing campaigns may circulate by impersonating Waltio or claiming to âwork with usâ. The goal is often to push you to act urgently (click a link, share information, approve an action).
đĄ Youâre safe as long as you donât approve anything. If youâre unsure, stay calm and verify through our official channels.
Best practices
If you have doubts, donât click a link received by message.
Never share: your password, financial and personal information, verification codes (MFA), email/SMS codes, your private key, or your recovery phrase (seed).
Use your usual access: type the website address in your browser (or use bookmarks) rather than following a link.
If youâre unsure, contact us via the website chatbot or by email at [email protected].
Check the security code displayed at the bottom of Waltio emails.
đĄ Keep in mind that Waltio does not and has never had your phone number, as well as your first and last name. We will never contact you by phone.
Q&A
1) What is phishing?
Phishing is a fraud attempt aimed at obtaining sensitive information (logins, codes, personal data) or getting you to approve an action (payment, login, authorization) by pretending to be a trusted service.
It can take the form of:
an email,
an SMS,
a phone call,
or a message on social media.
2) How can I recognize an attempt to impersonate Waltio?
No single sign is perfect, but these clues are common:
Urgent tone: âaccount blockedâ, âimmediate actionâ, âfinal reminderâ.
Unusual request: âsend your codeâ, âconfirm the loginâ, âshare your seedâ.
A link that looks like Waltio but with a slight variation.
A message offering âsupportâ outside the usual channels (unsolicited WhatsApp/Telegram contact, a pushy âadvisorâ).
3) What information will Waltio never ask you for?
To avoid any ambiguity, Waltio will never ask you for:
your password,
your verification codes (email, SMS, 2FA),
your private key or recovery phrase (seed),
to transfer your funds,
to âsecure your accountâ by approving an operation requested by a third party,
to pay your taxes âthrough Waltioâ (Waltio helps you calculate/file, but does not collect tax payments),
your exchange login credentials: Waltio works through supported methods (read-only API keys, history files, public addresses).
4) Can Waltio contact me by phone?
No: Waltio does not initiate phone calls. Waltio does not and has never had your phone number.
If someone calls you claiming to be âWaltioâ (or a âWaltio partnerâ) and asks you to take actions or share sensitive information, itâs fraud.
5) How can I verify that an email really comes from Waltio?
Waltio includes a security code in its emails: a list of words unique to your account.
Find the security code at the bottom of the email.
Compare it with the one shown in your account (Profile / Preferences).
If the email has no code or the code doesnât match, donât click anything and report it to [email protected].
6) What should I do if Iâm unsure?
Youâre safe as long as you donât approve anything.
Donât reply to the message.
Donât open links/attachments.
Open a new tab and go to waltio.com.
Contact us via the chat or by email: [email protected].
7) I clicked a link / shared information: what should I do?
Donât panic: the important thing is to act quickly, step by step.
If you entered your password: change it immediately and enable/strengthen MFA.
If you shared a code (email/SMS/2FA): consider it compromised; change your access and contact support.
If you shared a private key / seed: secure your assets as soon as possible (e.g., transfer to a new secure wallet).
Report it to law enforcement.
Contact Waltio: [email protected].
8) What is Waltio doing on its side?
We are working to:
quickly report phone numbers and domain names impersonating our company,
provide ways to verify the authenticity of our communications (security code),
handle reports and continuously improve our protection measures.
What scams look like in practice
Typical scenario #1: the âsecurity supportâ call from Waltio, Google, or an exchange
You receive a call or an SMS telling you that suspicious activity was detected on your account or that your APIs have been compromised following a security incident.
They explain that your funds are at risk and that you must act immediately. They guide you step by step to perform a âprotectiveâ action.
Conclusion: itâs always a scam.
Typical scenario #2: the âofficialâ email that isnât
You receive an email that looks exactly like an official one. Serious tone, logo, signature, sometimes even your first name.
They ask you to click a link or log in quickly.
Conclusion: the appearance of an email proves nothing.
Typical scenario #3: the fake support channel
A private message on Telegram, WhatsApp, or X offers to help. The account may look credible, sometimes with fake reviews or fake badges.
Conclusion: no serious support team operates via DMs.
Need help?
Contact: [email protected] or the chat (bubble at the bottom-right of the website).