MetaMask warns of new phishing bot

The latest MetaMask phishing scam asks users for their seed phrase in a Google Docs form posing as an official support portal.

Crypto wallet provider MetaMask has alerted its users of a new phishing bot that attempts to steal their seed phrases.

In a tweet published Monday, May 3, MetaMask warned users that the bot attempts to direct users to a purported “instant support” portal where they are prompted to enter information into a Google Docs form.

The form asks for the secret recovery phrase that can be used to respawn users’ crypto wallets. MetaMask stated that it does not have a Google Docs-based support system, urging users to seek support from the “Get Help” option within the MetaMask app itself to avoid being scammed.

MetaMask also encourages users to report scams impersonating the wallet and its services, noting customers can do so in the app.

Despite MetaMask warning its users of the phishing bot, some of its users appear to have already been scammed, with one Twitter user replying: “so there is no way to get back our token right ?”

Due to its popularity, MetaMask is one of the top targets for hackers and scammers. On April 27, the developer behind the wallet, ConsenSys, reported that it had hit a record five million active monthly users.

Phishing attacks are a social engineering technique used by scammers to lure users into completing an action that reveals personal information or account details.

In December 2020, MetaMask detailed a “rotten seed phrase attack”, in which a malicious website mimics the website of the wallet the user is trying to install. The fake website generates a seed phrase that enables the scammers to control the wallet once it has been installed.

It is not just beginner users who may fall victim to phishing scams, with a hacker fooling Nexus Mutual founder Hugh Karp into transferring roughly 370,000 Nexus Mutual tokens (NXM) worth $8 million to a wallet under their control at the end of 2020.

Ledger users have also been inundated with phishing attempts, with two major breaches of company servers resulting in the leaking of personal information including email addresses, phone numbers, and even physical addresses.

Leave a Reply

Your email address will not be published. Required fields are marked *