Warning for Phishing Attempt on Phenom Poker and Turn On 2FA

Warning for Phishing Attempt on Phenom Poker and Turn On 2FA

I have just fallen for a phishing attempt and most likely lost 20+k on Phenom Poker, and I want to warn you about it.
Please turn on 2FA. It could save you from similar instances even if it's a bit of a hassle.



I received this promotional email in the afternoon and clicked into the link without much thought.
It asked for a verification code sent to my email and I entered it.
Right after that I see the usual Phenom Poker lobby but I see my balance showing 0.
I looked at the url and the domain is phenompoker.app instead of phenompoker.com.

Only at this point I realized that something is wrong and contacted support.
They are looking into this but admit that the fund is most likely gone.

The transaction id for my unauthorized withdrawal is 0xd5c955718648d1a43c8c2171d5b218074deb1de4d0e2a8487890c965c5394fa7

I do suspect that Phenom Poker may have leaked their user info or that some internal employee is part of the scam, as they are able to associate my username correctly with my email address.

Moral of the story: Turn on 2FA. I will report back with any new updates.

31 December 2025 at 03:09 AM
Reply...

12 Replies


Earlier posts are available on our legacy forum HERE

thats two shots at wsop main glory. Tough beat.


Here is an update on the situation that I have posted on twitter: https://x.com/camdenhu/status/2009792792...

Tldr: Phenom does not admit any responsibility and refuses to refund me for the lost balance. Another user who was scammed in the same way had his balance withdrawn again after redepositing, even though he did not click on any links and had turned on 2FA at that point.


by camden123

Here is an update on the situation that I have posted on twitter: https://x.com/camdenhu/status/2009792792...Tldr: Phenom does not admit any responsibility and refuses to refund me for the lost balance. Another user who was scammed in the same way had his balance withdrawn again after redepositing, even though he did not click on any links and had turned on 2FA at that po

What I'm assuming is the real PP twitter account replied to you with

Regarding this phishing attempt: what this user is describing is actually a fairly simple phishing scam - the scammers bought a domain that looks similar - and they probably bought a list from a data scraper that had very low accuracy (Phenom doesn't share user data with any 3rd parties). Out of 30,000 registered emails, it seems a very small portion of our user base received this attempt (under 1%).

My question is, how do they know specifically what percentage of their userbase received phishing emails?


I doubt they would know. Technically 3 out of 30,000 is under 1%


How are they getting around the 2FA?


Phenom is investigating but I am not sure we will hear the result of the investigation


it doesnt add up to me

how the phishers had your username and matching email address.

sure you can find usernames online in lots of places but to have your email address as well thats not as likely unless both are same username and email address

this def looks most likely they had a data breach at some point or an internal job

hope you get your money back


how many people know your username and email


Phenom recently implemented a token to facilitate rake back after saying they would never implement a token and the tokenomics were pretty ****ed; 1% of the holders held 95% of the supply.

One caveat is that appears to include a treasury holding, which is the largest holding, but still, incredibly questionable decision making from people who are crypto natives when their user base is seemingly mostly not crypto natives


by cold chillin

how many people know your username and email

I have never shared my screenname with anyone before


I got on their discord and soomeone attempted to scam on discord within a few days. I reported it and they very clearly didnt want to do anything about it.


Sign up on shady site with bad reviews and no traffic. Deposit and get scammed. Turn on 2FA and get scammed again. What would you do? Obviously deposit third time, it was just bad luck.

Reply...