Casa is the home for bitcoin and digital asset wealth, and a home should always feel safe no matter what is happening outside. Right now, the fastest-growing attack vector we are seeing against bitcoiners and people who have digital wealth is social engineering.

Social engineering attacks typically arrive by phone, email, or text. The person on the other end has your name, your provider, and a credible story, and they use it to convince you to move funds to an account you do not control. There is no exploit or key compromise involved. The whole attack is engineered to push you to act before you can verify.

Data breaches from exchanges and wallet providers accelerate the problem. As victim profiles get more detailed, with account numbers, balances, and transaction history, the calls get more convincing. Attackers use this data to build detailed profiles before they ever make contact. According to the FBI's Internet Crime Complaint Center, crypto investment fraud was the single largest category of cybercrime losses in the United States in 2025, with Americans losing a collective $9.94 billion.

To stay ahead of this threat, we built four new features: Guardian Mode, Phone Call Detection, Whitelisting, and Suspicious Account Activity. Each one targets a different moment in the social engineering attack chain.

Guardian Mode

Premium, Private Client

Guardian Mode is opt-in: when enabled, every transaction requires a live video verification call with two Casa Advisors before the Casa Recovery Key adds the final signature. 48 hours after the verification call, the Casa Recovery Key will sign the transaction; giving you time and space to ensure you are not under pressure to act.

Each video verification call additionally requires confirming a Casa advisor verification code. If the person you are talking to can't provide it, end the call.

Disabling Guardian Mode can be done anytime through the same mechanism as sending a transaction: a verification call with Casa and a 48-hour hold before we disable it. With Guardian Mode enabled,  Sovereign Recovery remains available.

Phone Call Detection

All paid tiers

20% of social engineering attacks start with an unexpected call. To protect against these attacks, the app now detects when you're on an active phone call and shows a warning before you send funds. The attacker needs you on the phone because urgency and real-time pressure can override careful thinking.

If you attempt to send funds while on a call, the app prompts you to enter the caller's Advisor Verification Code before anything goes through. If they're from Casa, they have one. If they can't provide it, they're a scammer trying to trick you.

The app checks call state only and does not access call audio, caller ID, or any call content.

Whitelisting

All paid tiers

Once Whitelisting is enabled, your vault can only send to pre-approved addresses inside the Casa app. To add new withdrawal addresses on your Casa vault with Whitelisting enabled, you must wait 48 hours before they become whitelisted.

With Whitelisting enabled, if someone gains access to your account, they cannot add a new address and immediately drain your funds. Instead, they would have to submit a new address for approval and wait the 48 hours. The moment they add the address, you would get an email with time to act.

Turning off this protection also has a 48-hour waiting period so an attacker can't disable the defense and then act immediately.

You can still add new addresses anytime.

Suspicious Account Activity

All users

Suspicious Account Activity is built to alert you when someone else logs into your account without your knowledge.

When you log in, Casa records your location at the city level. No IP address is ever stored, and location data is deleted after 48 hours. If a subsequent login appears from somewhere you could not physically have reached since your last sign-in, you receive an email alert. 

If your last login was Montreal at 9PM and a new one appears from Tokyo at 9:20PM, something is wrong. Review your recent login activity and contact Casa Support immediately.

Control, on your terms

Self-custody means the decisions about your security and financial sovereignty are yours. Casa’s new Social Engineering protection features extend your ability to better protect your funds for the long term by giving you more time to think and additional protections when pressure is at its highest.

For the long term.