MetaMask ALERTS Its Users Of New Phishing Bot Attack.
2021-05-03 | Eddy Morgan
Cryptocurrency wallet provider MetaMask has alerted its users of
a new phishing bot that attempts to steal their seed phrases.
Within an official
tweet published today on Monday, MetaMask warned users that the bot attempts to direct users to a purported “instant support” portal where
they're prompted to enter information into a Google Docs form.
The form asks for
the key recovery phrase
that will be
used to respawn users’ crypto wallets. MetaMask outlined that it
doesn't have a Google Docs-based
network, urging users
to hunt support from the “Get Help” option within the MetaMask app itself to avoid being scammed.
MetaMask also encourages users to report scams impersonating the wallet and its services, noting users can do so
within the app.
Despite MetaMask warning its users of the phishing bot,
a number of its users appear
to possess already been scammed, with one Twitter user replying: “
So there's no way to get back our token right?”
Due to its popularity, MetaMask is
one of the highest targets for hackers and scammers. Earlier on Tuesday, the developer behind the wallet, ConsenSys, outlined that it had hit a record 5 Mln active monthly users.
Phishing attacks are a social engineering technique
employed by scammers to lure users into completing an action that reveals personal information or account details.
Also earlier in December last year, MetaMask
detailed a “rotten seed phrase attack,” within which a malicious website mimics
the website of the wallet the user is trying
to install. The fake website generates a seed phrase
that permits the scammers
to regulate the wallet once it's been installed.
It is not just beginner users who may fall victim to phishing scams, with a hacker fooling Nexus Mutual founder Hugh Karp into
transferring roughly 370k NXM [Nexus Mutual
tokens] worth $8 Mln to a wallet beneath their management at
the end of last year.
Ledger users have also been inundated with phishing attempts, with two major
breaches of company servers
leading to the leaking
of private data along with email addresses, phone numbers, and even physical addresses.
Leave a comment
Your email address will not be published. Required fields are marked *
