How do I spot an Awazon phishing clone?
The tells are an address that is close but wrong and a login that asks for your recovery phrase. The captcha check beats them.
Short answer. A clone uses an address that is close but not identical to a genuine one, and often asks you to re-enter your recovery phrase, which the real market never does. The captcha address check catches it.
The tells
An address differing by a few characters in the middle. A prompt for the recovery phrase at login. A captcha whose printed address does not match your bar. Formatting subtly off from the site you remember.
The check that beats them
Copy addresses only from a verified signed source, and every session hold the address in your bar against the one the captcha prints. A clone cannot serve the correct address in the captcha while pointing you elsewhere.
If you already typed a password
Assume it is compromised. Reach the genuine market through a verified address, change the password, and withdraw any balance.