Apple Support Call MetaMask Seed Theft — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Apple Support Call MetaMask Seed Theft Scam in India 2026: High-Risk OTP Fraud Alert

A new, high-severity scam involving fake Apple support calls to steal MetaMask crypto wallet seeds is causing major financial losses across India in 2026.

What Is the Apple Support Call MetaMask Seed Theft?

This scam targets Indian users of MetaMask, one of the most popular cryptocurrency wallets, combined with impersonation of Apple support staff. The fraudsters start by calling the victim, claiming to be from Apple’s official customer care, often citing urgent security issues with the victim’s iPhone or Apple ID. They then slowly steer the conversation toward MetaMask, exploiting the victim’s trust to extract the secret 12- or 24-word seed phrase used to access their cryptocurrency wallet.

Once fraudsters gain the seed phrase, they immediately transfer the victim’s crypto-assets, including popular tokens stored within MetaMask, to their own wallets. This scam has been reported increasingly since late 2025, especially in metropolitan areas and tech-savvy user groups. According to public complaints received by cybercrime authorities, thousands of Indians have lost amounts ranging from a few thousand to crores of rupees.

CERT-In and I4C have issued general warnings about fraudsters impersonating tech support teams, and RBI’s advisory on digital wallet safety stresses never sharing One-Time Passwords (OTP) or wallet recovery phrases — but targeted guidance on this MetaMask seed theft variant is still evolving as the scam spreads.

How This Scam Works — Step by Step

1. Initial Contact: The victim receives a voice call or even WhatsApp message claiming to be from Apple Support India, warning of an urgent issue with their iPhone, Apple ID, or App Store account.

2. Gaining Trust: The caller provides a fake complaint or fabricated account breach details to sound convincing, sometimes guiding the victim to open remote access apps or system settings on their phone.

3. Shifting Focus to MetaMask: The fraudster then tricks the victim into opening their MetaMask wallet app — claiming it’s needed to “secure funds from being hacked.” They instruct the victim through a confusing process to access the “Secret Recovery Phrase” (seed phrase) under the wallet’s security settings.

4. Extracting the Seed: The victim recites or enters the full seed phrase over the call or shares screenshots of it, unaware this phrase grants full wallet ownership.

5. Immediate Theft: Using the seed phrase, scammers restore the wallet on their devices and quickly transfer all cryptocurrencies out, often converting to stablecoins and then cashing out through various exchanges.

6. Victim Realizes Too Late: When the victim tries using their MetaMask again, they find the assets gone. Attempts to reverse transactions are futile as blockchain transfers are irreversible.

Real Warning Signs to Watch For

• Calls or messages claiming to be from Apple Support but coming from unknown or suspicious numbers.
• Urgent pressure to provide personal details, OTPs, or wallet seed phrases.
• Requests to open or share screenshots of MetaMask’s Secret Recovery Phrase.
• Offers of remote access or instructions to download apps like AnyDesk or TeamViewer unexpectedly.
• Unsolicited warnings about Apple ID or iPhone security issues without prior contact.
• Instructions to disable two-factor authentication or antivirus apps.
• Use of heavy jargon or confusing technical explanations to rush or confuse the victim.

What Happens to Victims

Victims often face devastating financial losses, losing cryptocurrencies worth lakhs or even crores of rupees in some cases. Since blockchain transactions are irreversible, there is no UPI or bank-style transaction reversal possible. Banks and RBI cannot recover stolen crypto tokens.

Emotionally, victims experience a strong sense of betrayal and helplessness, especially as many had saved these funds painstakingly. This scam also often links to Aadhaar misuse or SIM swap attacks when fraudsters gain further control over mobile numbers, increasing the victim’s vulnerability.

In India, where cryptocurrency adoption is rising, but cyber literacy is uneven, such losses can have serious livelihoods and trust implications.

What RBI and CERT-In Say

The Reserve Bank of India has reiterated that recovering funds lost to crypto wallet scams is extremely difficult and urges users never to share sensitive information like OTPs or seed phrases. CERT-In recommends users stay vigilant about phishing calls impersonating tech support teams and to use official support channels only.

For cybercrime reporting, the Ministry of Home Affairs’ Indian Cyber Crime Coordination Centre (I4C) provides resources and a dedicated helpline through 1930. RBI’s helpline for banking concerns is also available but cannot reverse blockchain frauds.

Both CERT-In and RBI emphasize awareness and prevention as the best defense.

How to Protect Yourself

1. Never Share Your MetaMask Seed Phrase: It is meant to be private and is never required by any official tech support.

2. Ignore Unsolicited Calls Claiming to be Apple Support: Always contact Apple through official channels from their website or app.

3. Do Not Allow Remote Access to Your Phone or Computer: Unless you personally initiated and verified the request.

4. Use Strong Two-Factor Authentication: Prefer app-based authenticators over SMS OTPs for both Apple ID and cryptocurrency exchanges.

5. Monitor Your Wallet Activity Regularly: Use third-party block explorers and alerts to detect unauthorized transactions early.

6. Do Not Follow Confusing Instructions in Panic: If unsure, hang up and verify with known contacts or official support.

7. Report Suspicious Calls or Messages Quickly: Use BharatSecure.app to verify and then report to cybercrime authorities via 1930.

What to Do If You’ve Been Targeted

• Immediately disconnect from the call and do not share any further information.
• Freeze or change passwords for your Apple ID and all linked accounts.
• Report the loss to your local cybercrime police station and file a complaint on cybercrime.gov.in.
• Contact the 1930 cybercrime helpline for guidance on reporting and next steps.
• Inform your cryptocurrency exchange or wallet provider about the theft to prevent further fraud.
• Restore your MetaMask wallet on a new device and generate a new seed phrase (do not reuse the old one).
• Alert your mobile service provider immediately if you suspect SIM swap or Aadhaar misuse.

Frequently Asked Questions

Q1: Can Apple support ever ask for my MetaMask seed phrase?
No. Apple or any legitimate tech support team will never ask for cryptocurrency wallet seed phrases or OTPs. These are personal and sensitive and should never be shared.

Q2: If I shared my seed phrase, is there any way to get my crypto back?
Unfortunately, transactions on blockchain networks are irreversible. You should report to the police and cybercrime portals immediately, but recovery is very difficult.

Q3: How can I verify if a call claiming to be Apple Support is genuine?
Only trust calls initiated by you using Apple’s official support numbers or website channels. Do not trust unsolicited calls or messages telling you to share sensitive data.

Stay alert against such scams. Whenever you receive suspicious calls or messages, do not hesitate to verify at BharatSecure.app and report fraud to the 1930 helpline to protect yourself and others.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.