Halborn warns of new phishing attack on MetaMask customers
Users receive emails with a link to a fake website where they are prompted to enter a seed phrase to confirm their identity
01.08.2022 - 08:15
694
2 min
0
What’s new? Users of MetaMask, a decentralized crypto wallet, are under the threat of phishing attacks. Fake messages are sent out on behalf of the company, asking them to provide a seed phrase on a third-party website, supposedly to confirm that the wallet belongs to the owner. The scammers then gain access to the victims’ accounts, reported representatives of Halborn, a blockchain security company.
A seed phrase is a key secret phrase needed to regain access to a cryptocurrency wallet. It is usually generated automatically when creating a wallet and contains 12, 18, or 24 words.
How does the attack work? Halborn’s technical education specialist Luis Lubeck reported that users receive emails with MetaMask logos telling them of the need to comply with the KYC procedure. When attempting to go to a page with the verification procedure, a fake website opens asking the user to enter a seed phrase. After entering the phrase the victim is redirected to the real MetaMask website, which misleads the user, but by that time the scammers have already accessed the wallet and stolen money.
Lubeck emphasized that there are several alarming signals in such emails at once. Firstly, there are spelling errors. Secondly, a fake email address (it may differ from the original one by just one letter). Thirdly, is the lack of personalization when contacting users.
Experts do not recommend following the link contained in the email — in this case, it is safer to visit the official website and find the desired page on it.
In June, Halborn reported that MetaMask and Phantom wallets fixed a critical vulnerability in a browser software extension. Seed phrases generated by wallet providers were stored on users’ computers in plain text as part of the “Restore Session” feature. This meant that attackers could get into the system using malware or physical access.
Useful material?
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Crypto regulations
Stablecoins from issuer Circle will not be affected by the changes
Dec 12, 2024
Crypto regulations
The platform will launch after meeting the preconditions of the local exchange authority
Dec 9, 2024
Market
The $1,1 billion figure was reached after the bitcoin correction
Dec 6, 2024
Crypto regulations
By early January, all open positions and loans of local users will be closed and repaid automatically
Dec 5, 2024