MetaMask will never send you unsolicited emails.
MetaMask will not and cannot initiate email correspondence with you.
We hold no personal identifying information such as names, email addresses, or otherwise — we don't collect these at any point whilst you're creating your wallet. This means we have no means of contacting you directly unless you specifically request it. And even then, there are only a few specific ways you can do this.
If you believe you've received a scam email, either:
- Contact us via the "Start a Conversation" button on the homepage of this site.
- Send the email directly to PhishFort at firstname.lastname@example.org. Include the email headers and any relevant details about the scam (if you're unsure how to get email headers, see the guide in this article).
How to recognize legitimate MetaMask emails
There are only two types of emails MetaMask could ever send you:
- Correspondence about a Support ticket you opened, from email@example.com if it's your first time, or firstname.lastname@example.org (for issues with MetaMask Extension or Mobile) and email@example.com (for issues with MetaMask Portfolio) if otherwise.
- Notifications from the Community page via firstname.lastname@example.org.
See below for further information on how to recognize these.
Emails about Support tickets
The MetaMask Technical Support team are 'layer two' support that you may be in touch with if you already spoke to a member of our help desk team via chat, accessible by clicking the "Start a Conversation" button, and had your case elevated.
To manage each user's ticket, Technical Support use Zendesk — the backend of the same site you're currently looking at. Zendesk tickets are handled via email, which means you may have emails from MetaMask if you've had a ticket open with Technical Support at some point. Learn how to check your tickets here.
Do not trust any email claiming to be from MetaMask Support unless it meets all of these criteria as a minimum:
Any email from MetaMask Support will either be from:
email@example.com, if you've submitted a ticket for the very first time.
- This email will contain instructions to set up your Zendesk account so you can manage your tickets.
- firstname.lastname@example.org or email@example.com — the domains from which you'll receive emails from Technical Support team members about open tickets.
Emails from any other address that claim to be MetaMask Support are scams.
Always make sure to hover over or click on the "From" field in your email client so that you can see the actual address. Just because it says the sender is "MetaMask Support" doesn't mean it's us.
Community page emails
These emails can be:
- An activation email to verify your account when you sign up
- Notifications relating to activity on the Community page, such as mentions, replies, or activity in threads you're watching.
You can adjust your email settings by clicking on the user icon in the top-right, going to 'Preferences', and then heading to 'Emails' and configuring the options there.
How to spot a scam email
Things which should mark out a scam email include:
Inspect the sender's email: is it one of the Support emails we've detailed above? If not, it is almost certainly a scam. To be clear, legitimate emails will be from:
Do not click any links in an email claiming to be from MetaMask that isn't from one of these addresses.
Scammers will almost always try to hide their emails, so it's vital that you make sure you check the actual email address. A common trick that scammers leverage is the fact that many email clients display names for senders in place of email addresses, which are generally only displayed by clicking or hovering over this name.
This mechanism could cause you to be fooled into thinking an email with a sender display name such as 'MetaMask Support' is from us, when in reality, one look at the email address itself will show that it's a scammer.
One of the main ways scammers try to get you to act without thinking is to pressurize you. We come across a wide variety of false reasons for this, but some we've seen include:
- Insisting you need to complete KYC ("know your customer" practices) to continue using MetaMask. You can completely disregard any statement along these lines. MetaMask does not have any form of KYC — the only time you may come across it is when buying crypto in MetaMask, as part of which you may need to complete KYC directly with the provider.
- Advising that your wallet is in some way restricted, 'locked', or suspended, and asking you to take steps to address this.
- Asking you to 'upgrade' your wallet.
- Informing you that your wallet has somehow failed to be updated and that you need to 'verify' it or 'restore' to resume using it. Learn more about how MetaMask updates actually work here.
You may also want to check out our article that covers the most common type of email scams: Will MetaMask ever ask me to verify my account?
Generally, emails can do you no harm unless you click the fraudulent links they contain. That's because these can link to sites designed to steal your Secret Recovery Phrase, for example.
You should never click a link in an email if you have any doubts about security.
We do, however, need to call out here that official MetaMask Support emails will sometimes contain links — especially if regarding email verification for a new Zendesk or Community account. If you're doubtful, check the sender's email address against the addresses we detail above, or get in touch with us and we will advise whether or not you're looking at a scam email.