New Phishing Scam Targets Metamask Users – What to Do

Scammers are running rampant in crypto, and this time they are targeting Metamask, one of the most popular crypto wallets. Attackers are using a phishing tactic to steal wallet information from users in the name of security upgrade. 

Blockchain security firm SlowMist alerted its followers of the new scam which impersonates a Two-Factor Authentication (2FA) security verification using a website that mimics the official Metamask domain. 

Inexperienced victims end up giving away their wallet recovery phrases in the process and lose all their funds. This is just one of a series of scams that have become more sophisticated and believable than ever, but you can avoid them when you know what to do.

A Highly Believable Metamask Scam

The attack, like most phishing attacks, looks very genuine and authentic. First, the attackers send an email that has a design and layout similar to that of Metamask. This is the beginning of most phishing scams. In this case, the attackers tell the target that they are upgrading security for them and invite them to set up 2FA to secure their wallet.

Once clicked on, the button links to a different domain than Metamask.io, where the victim is asked to provide some key wallet details. Then they finally request for the user’s wallet recovery phrase. This is a group of 12 or 24 words used to recover a wallet in case of loss, and should not be shared with anyone, not even Metamask support.

Once the recovery phrase is shared, the attacker drains the wallet of all its assets, leaving the owner with nothing. The victims of such tricks are usually new crypto users with little to no experience of how crypto wallets work. 

To avoid being a victim, never share sensitive wallet data such as your wallet recovery phrase with anyone, not even customer support. In fact, no genuine customer support will request such information. Also take time to double check the domain before using any website, as most crypto users lack the patience to do this.

Metamask Attack After Bitcoin Support

Metmask recently added support for Bitcoin, enabling the buying, swapping, and holding of Bitcoin on the wallet. This attack is coming just a couple of weeks after the Bitcoin support, raising suspicion that it may be targeted at Bitcoin owners.

Whatever the case, such wallet attacks are becoming more common and more care should be taken. The most recent is the attack on Trust Wallet Chrome extension leading to the loss of over $8 million in user funds on Christmas day. 

More Must-Reads:

• Warning: New Chrome Extension Scam Targets Ethereum Seed Phrases
• Pi Network Takes Drastic Measure as Scammers Drain Users’ Wallets
• Canadian Scammer Steals $2M Posing as Coinbase Agent