How the scam operates.
my-etherwallet.ch menampilkan dirinya sebagai antarmuka wallet Ethereum yang sah, secara visual maupun nominal meniru sebuah layanan tepercaya yang sudah mapan dalam ekosistem Ethereum. Domain bertanda hubung dan TLD kode negara Swiss dirancang agar tampak kredibel bagi pengguna yang menemukan tautan tersebut melalui hasil pencarian, email phishing, atau pengalihan media sosial, yaitu kalangan yang mungkin tidak meneliti sebuah URL sebelum memasukkan kredensial sensitif.
Pola operasionalnya konsisten dengan serangan pengumpulan kredensial dan penangkapan seed phrase. Replika yang meyakinkan dari layar login atau impor wallet meminta private key, frasa pemulihan mnemonik, atau berkas keystore milik pengguna. Karena antarmuka tersebut mencerminkan desain yang sudah dikenal, pengguna tidak melihat adanya kejanggalan secara langsung. Operator menerima kredensial yang dikirimkan secara waktu nyata dan memulai transfer aset dari wallet yang telah disusupi sebelum korban menyadari adanya masalah.
Titik kegagalan biasanya terjadi pada saat pengguna mencoba mengakses wallet mereka setelah pengiriman dan menemukan antarmuka yang kosong, pengalihan ke layanan yang sah, atau sekadar mendapati bahwa aset on-chain mereka telah dipindahkan ke alamat yang tidak dikenal. Pada tahap itu, transaksi tersebut sudah tidak dapat dibatalkan. Operator situs jenis ini tidak menanggapi upaya kontak, dan infrastruktur hosting umumnya ditinggalkan atau dirotasi tidak lama setelah satu gelombang korban.
Red flags we documented.
- 01Domain constructed to impersonate a recognised wallet serviceThe hyphenated structure and non-standard TLD of my-etherwallet.ch are consistent with a deliberate typosquat. Users arriving via mistyped URLs or deceptive links would encounter a domain visually similar to a legitimate wallet platform, creating a false sense of authenticity before any content is loaded.
- 02Confirmed listing on CryptoScamDB blacklistThe domain appears in the CryptoScamDB community blacklist, a collaboratively maintained register of addresses associated with cryptocurrency fraud. Blacklist inclusion signals that the domain has been independently flagged and reviewed as malicious, not merely suspicious.
- 03Credential-harvesting pattern consistent with wallet-drain operationsSites impersonating Ethereum wallet interfaces are almost exclusively designed to capture private keys, seed phrases, or keystore credentials. Submission of any such material to a fraudulent interface typically results in complete and irreversible loss of all assets held in the targeted wallet.
- 04No documented affiliation with any legitimate organisationThere is no evidence that my-etherwallet.ch has any authorised relationship with any established wallet provider, open-source project, or regulated financial entity. The apparent branding association is the mechanism of deception, not a legitimate licensing or partnership arrangement.
- 05Asset loss is irreversible once credentials are submittedUnlike traditional financial fraud, blockchain transfers cannot be reversed by a third party after execution. Once a private key or seed phrase is captured by a fraudulent operator and assets are moved, no technical recovery pathway exists. Any service claiming otherwise should be treated with significant caution.
What you can do now.
Open a free 24-hour case assessment with CryptoLeek +
Tell us what happened. A senior analyst reads your file within 24 hours and replies with an honest yes/no/conditional on recovery. The assessment is free. If we cannot recover the funds we say so plainly, including which (free) regulator channel you should use instead. If we accept the case, we open a numbered case file and issue a written quote for a flat investigation retainer before any work begins, scoped to case complexity, the jurisdictions involved, and the on-chain trail.
Trace your funds on-chain with our analysts +
We trace stolen crypto across BTC, ETH, EVM L2s, Solana, Tron, and major stablecoins using the same toolchain as regulators and tier-1 exchange compliance teams. The output is a forensic report anchored to specific transaction hashes and block heights, the evidence that exchanges, payment processors, and counsel actually act on. Recovery starts here.
Recover with counsel where civil action makes sense +
Where the trace lands in a jurisdiction with cooperative banks and courts, we coordinate with bar-licensed counsel in our 40+ jurisdiction network for civil action and asset-freezing orders (Mareva-style). Counsel bill you directly; the CryptoLeek investigation retainer is independent of counsel fees. The outcome is funds released back to your nominated wallet or bank account.