Here is an example of a phishing attempt that looks legit to the untrained eye where they are wanting you to give them your recovery seed for crypto.

Things to always do/take note of:

1. Never click a link in an email to enter any data

2. Always check the URL of the links

As you can see from this example, the link points to a TruthSocial URL which redirect to a fake website, although the URL of the fake website looks legit "http://mycoinbase.org" due to it's name.

No matter what options you choose on this website, it ends with requesting you hand over your recovery seed words - and once you do, they'll have access to your crypto/money. Never hand over your recovery seed/words to any website.

If you look up the WHOIS for a URL, you'll often see the fake website was just created, and in this example it's 25th Dec (few weeks ago).