@Digital_Dragon I noticed you mention things like passwords and payment information as a concern. These things are generally protected and encrypted through your browser. What you experienced is through Wallet and due to permissions that you gave someone.
Wallet is like a bank account. The 24 word recovery phrase is your master password that lets people use the entirety of your Brave Wallet if they are given it. This means they can send and receive any crypto you have stored. This number is something you NEVER should share with anyone.
Then you have web contracts. This is you going to a website to make a purchase. You are asked if you’d like to sign the web3 contract and give them access to your Wallet. As with many websites and other places in the world, there will be scam sites out there and it’s very important you do your research before giving authorization to anything.
That’s where I circle back to this. There are a lot of scams that are hard to differentiate. If you haven’t been through such articles yet, you may want to check out https://support.metamask.io/hc/en-us/articles/10143114273563-How-to-tell-if-a-smart-contract-is-safe-to-interact-with or https://www.coinbase.com/blog/real-or-fake-learn-how-to-identify-legitimate-stablecoins
Nah, nobody but you would have the password. It’s completely stored via your browser and even if someone had it, they’d not be able to do anything as it’s just to unlock it from your device.
Absolutely none. Brave Wallet is kept completely separate from the rest of info. And from what it sounds like, yours is just that you authorized a site to be able to access portions of your Wallet balance and they did so.
If you did download any viruses, keyloggers, or other types of malware from them or elsewhere, there could be potential for them to gather other data. But generally it’s kept safe and all of your information is encrypted. Obviously nothing is ever 100% safe, but the likelihood of this happening is pretty slim unless you’re installing a bunch of random extensions, torrents, and other things which are known for trying to steal your data or hijack your device.
Just so you know, this exists with ALL wallets. It has nothing to do with being built on Brave or Brave itself. It would have worked the same if you did MetaMask or anything. I kind of gave you some info below, but I’ll leave you with the info below as well, as it might be helpful for you to read.
You’ll see what you fell for is listed almost right away, called