Tricked into Giving Passphrases
Halborn’s Technical Education Specialist, Luis Lubeck, published a blog post on July 28th, breaking down the newest email phishing campaign targeting MetaMask users. The scam centers around misleading users, thereby tricking them into give up their passphrases.
The phishing email “informs” users that they need to verify their wallets. To do this, users are prompted to click a malicious “call to action” button, which leads to a fake website requesting a user’s seed phrase. Once the seed is entered, the website forwards to the MetaMask wallet, which is then emptied by the malicious program.
Attention to Detail Is Key
Halborn notes that the email appears genuine at first glance, as the scammers mimic MetaMask’s visual identity, including its header and logo. User instructions on how to comply with ‘know your customer (KYC)’ requirements for wallet verification also resembles the company’s typical communication.
However, despite these similarities, Halborn highlighted a few warning signs, oh which the two most noticeable were misspellings, and the sender’s email address, which was not the official MetaMask account.
The phishing emails were sent through a phony domain called “metamaks.auction.” The security company further emphasized that the message lacked customization, such as addressing users by specific, individual names—a classic red flag.
Not the First Attack on Crypto Wallets
This latest phishing attempt is not the only MetaMask vulnerability to have been found by the Halborn firm. In June, the firm’s researchers revealed that users’ private crypto wallet could be found unencrypted on a computer hard drive. Following the revelation, MetaMask patched the exploit from extension versions 10.11.3 onward.
In February, malware called ‘Mars Stealer’ was found to be targeting browser-based cryptocurrency wallets like MetaMask, Coinbase (NASDAQ:COIN) Wallet, Nifty Wallet, Ronin Wallet, MEW CX, Binance Chain Wallet, TronLink, and approximately 40 other crypto wallets.
In April, MetaMask warned the public about phishing attacks targeting Apple’s ‘iCloud’ service. If a user had enabled automatic backups for application data, the seed phrase or “password-encrypted MetaMask vault” would be stored on iCloud, thereby imposing severe security risks for iPhone, Mac, and iPad users.
On the Flipside
Why You Should Care
For more information on MetaMmask and how it works, check out:
https://dailycoin.com/a-beginners-guide-to-metamask-what-is-it-and-how-does-it-work/
Cardano ranks as the top target for phishing attacks – find out more below:
https://dailycoin.com/cardano-among-top-targets-of-phishing-attacks-before-vasil-fork/
Continue reading on DailyCoin
Source: Cryptocurrency - investing.com
