17:20
13:53
15:23
09:53
12:45
12:27
17:20
13:53
15:23
09:53
12:45
12:27
17:20
13:53
15:23
09:53
12:45
12:27
17:20
13:53
15:23
09:53
12:45
12:27
Blockchain security firm Halborn warns of a new phishing campaign targeting users of the popular crypto wallet MetaMask.
Halborn's technical education specialist Luis Lubeck says a new active phishing campaign using emails to target MetaMask users and trick them into giving out their passphrase has started.
The firm analyzed scam emails it received in late July to warn users of the new threat. At first glance, the email looks authentic with a MetaMask header and logo, and with messages that tell users to comply with KYC regulations and how to verify their wallets.
However, several red flags within the message can be found with spelling errors and a fake sender’s email address being the most obvious. Furthermore, a fake domain called metamaks.auction was used to send the phishing emails.
Halborn also noted that there was also no personalization in the message, another warning sign. Hovering over the call to action button reveals the malicious link to a fake website which prompts users to enter their seed phrases before redirecting to MetaMask to empty their crypto wallets.