How the scam operates.
my-etherwallet.ch se apresenta como uma interface legítima de wallet Ethereum, imitando visual e nominalmente um serviço consolidado e confiável dentro do ecossistema Ethereum. O domínio com hífen e o TLD de código de país suíço foram construídos para parecer críveis aos usuários que encontram o link por meio de resultados de busca, e-mails de phishing ou redirecionamentos em redes sociais, públicos que talvez não examinem uma URL com atenção antes de inserir credenciais sensíveis.
O padrão operacional é consistente com ataques de coleta de credenciais e captura de seed phrase. Uma réplica convincente de uma tela de login ou de importação de wallet solicita ao usuário a chave privada, a frase mnemônica de recuperação ou o arquivo keystore. Como a interface reproduz um design familiar, os usuários não percebem nenhuma irregularidade imediata. O operador recebe as credenciais enviadas em tempo real e inicia transferências de ativos a partir da wallet comprometida antes que a vítima perceba qualquer problema.
O ponto de falha costuma ser o momento em que o usuário tenta acessar sua wallet após o envio e encontra uma interface em branco, um redirecionamento para o serviço legítimo, ou simplesmente descobre que seus ativos on-chain foram movidos para um endereço desconhecido. Nesse estágio, a transação é irreversível. Os operadores de sites desse tipo não respondem a tentativas de contato, e a infraestrutura de hospedagem costuma ser abandonada ou trocada pouco depois de uma onda de vítimas.
Red flags we documented.
- 01Domain constructed to impersonate a recognised wallet serviceThe hyphenated structure and non-standard TLD of my-etherwallet.ch are consistent with a deliberate typosquat. Users arriving via mistyped URLs or deceptive links would encounter a domain visually similar to a legitimate wallet platform, creating a false sense of authenticity before any content is loaded.
- 02Confirmed listing on CryptoScamDB blacklistThe domain appears in the CryptoScamDB community blacklist, a collaboratively maintained register of addresses associated with cryptocurrency fraud. Blacklist inclusion signals that the domain has been independently flagged and reviewed as malicious, not merely suspicious.
- 03Credential-harvesting pattern consistent with wallet-drain operationsSites impersonating Ethereum wallet interfaces are almost exclusively designed to capture private keys, seed phrases, or keystore credentials. Submission of any such material to a fraudulent interface typically results in complete and irreversible loss of all assets held in the targeted wallet.
- 04No documented affiliation with any legitimate organisationThere is no evidence that my-etherwallet.ch has any authorised relationship with any established wallet provider, open-source project, or regulated financial entity. The apparent branding association is the mechanism of deception, not a legitimate licensing or partnership arrangement.
- 05Asset loss is irreversible once credentials are submittedUnlike traditional financial fraud, blockchain transfers cannot be reversed by a third party after execution. Once a private key or seed phrase is captured by a fraudulent operator and assets are moved, no technical recovery pathway exists. Any service claiming otherwise should be treated with significant caution.
What you can do now.
Open a free 24-hour case assessment with CryptoLeek +
Tell us what happened. A senior analyst reads your file within 24 hours and replies with an honest yes/no/conditional on recovery. The assessment is free. If we cannot recover the funds we say so plainly, including which (free) regulator channel you should use instead. If we accept the case, we open a numbered case file and issue a written quote for a flat investigation retainer before any work begins, scoped to case complexity, the jurisdictions involved, and the on-chain trail.
Trace your funds on-chain with our analysts +
We trace stolen crypto across BTC, ETH, EVM L2s, Solana, Tron, and major stablecoins using the same toolchain as regulators and tier-1 exchange compliance teams. The output is a forensic report anchored to specific transaction hashes and block heights, the evidence that exchanges, payment processors, and counsel actually act on. Recovery starts here.
Recover with counsel where civil action makes sense +
Where the trace lands in a jurisdiction with cooperative banks and courts, we coordinate with bar-licensed counsel in our 40+ jurisdiction network for civil action and asset-freezing orders (Mareva-style). Counsel bill you directly; the CryptoLeek investigation retainer is independent of counsel fees. The outcome is funds released back to your nominated wallet or bank account.