Connect with us

Global News

Security firm warns against phishing campaign targeting MetaMask

Published

on

Source: Pixabay

A cybersecurity company has issued alerts regarding a fresh phishing campaign. One that is going after users of the well-known cryptocurrency wallet – MetaMask.

The ongoing phishing campaign used emails to target MetaMask users and deceived them into disclosing their passphrase. This, according to a blog post by Halborn’s Technical Education Specialist Luis Lubeck.

To alert users to the new fraud, the company examined phishing emails it had received in late July. Halborn claimed that the email appears legitimate at first glance thanks to a MetaMask header and logo and instructions instructing users on how to comply with Know Your Customer (KYC) rules.

How to understand the red flags?

Halborn also pointed out that the letter contains several warning signs. The two most noticeable ones were misspellings and an email address that was not the sender’s. Furthermore, the phishing emails were sent through a phony domain called the meta mask auction.

Phishing attacks are social engineering attempts to steal cryptocurrencies using targeted emails. These entice victims into disclosing more personal information or clicking links to nefarious websites.

The company also pointed out that the message lacked customization – Another red flag. The malicious link to a bogus website that requests users to enter their seed phrases before forwarding to MetaMask to empty their cryptocurrency wallets is shown when the call to action button is hovered over.

Researchers from Halborn noted a situation in which a user’s private keys may be located unencrypted on a drive in a compromised computer in June. Following the discovery, MetaMask modified version 10.11.3 and later, its extension too. 

Following the disclosure of client emails by a third-party vendor employee last week, Celsius users were also alerted to a phishing danger.

Cybercriminals target Metaverse with phishing scams

According to CNBC, investors from all around the U.S told CNBC that hackers misled them into visiting websites they thought were trustworthy entrances to the virtual world. These, alas, turned out to be phishing sites intended to steal user information.

As a result, the hackers took control of their metaverse property. They genuinely wanted a piece of the metaverse, a new blockchain-based virtual network of platforms that have recently become well-known thanks to significant investments from investors, fashion shows, and celebrities.

Read the best crypto stories of the day in less than 5 minutes

Subscribe to get it daily in your inbox.


Please select your Email Preferences.

An intersectional feminist, Shauna's interests lie in assessing the social and cultural impact of new technologies including blockchain. When she is not spewing words on the Internet, she's busy moonlighting as a concert photographer.

Click to comment

Leave a Reply

Your email address will not be published.

Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.