So possibly that you click some phising links. Theres no way that he can view your private key at all. Most got scammed or hacked exposed to some malicious links. Avoid using social media or click some links underneath legit project cause chances that the second one is fake unless you check the profile first and verify that this is the real one.