MetaMask warns of email cryptocurrency scams

MetaMask, one of the most popular cryptocurrency wallets, issued an investor alert this Monday (13). According to the company, there is a major phishing scam going on this week.

It all started with a problem at Namecheap, a popular web domain registrar whose email services had been compromised.

“We have evidence that the upstream system we use to send emails is involved in sending unsolicited emails to our customers”wrote Namecheap on Sunday (12). “We stopped immediately.”

Since such emails seem to come from Namecheap itself, hackers take advantage of potential victims’ carelessness to send them to bogus websites. One of the main targets is cryptocurrency investors, especially MetaMask users.

MetaMask warns about phishing scams

Also via Twitter, MetaMask asked people to avoid opening emails from Namecheap or MetaMask itself, noting that it is a scam.

“MetaMask does not collect KYC information and will never email you about your account! NEVER enter your secret recovery phrase on a website”warned the wallet.

“If you received an email today from MetaMask or Namecheap or anyone else like this, please ignore it and don’t click on their links!”

In the Bleeping Computer article, shared by MetaMask, there are some screenshots of the fake wallet email and page, where the user is asked to enter their recovery phrase. That is, if an investor continues with these steps, he will give hackers access to his cryptocurrencies.

“Dear user, we are writing to inform you that it is important that you verify your identity by KYC to continue using our wallet”points to the fake email intended to steal cryptocurrencies from investors.

Email sent by hackers posing as MetaMask support to steal cryptocurrency from investors. Source: Bleeping Computer.

If the user clicks on the link in the email, he is taken to a fake page. As shown in the image below, hackers want the potential victim to be naive enough to enter their private keys or recovery phrase, which will give them access to the investor’s cryptocurrencies.

The MetaMask fake website is part of a phishing scam that allegedly started with a Namecheap vulnerability. Source: Bleeping Computer.

Finally, Namecheap is known for being one of the first services to accept Bitcoin as payment. Therefore, it is possible that many of its users are cryptocurrency investors, increasing the risk of the attack.

The final security tip is to never write your private keys on suspicious websites and think for five minutes before taking any action that seems to require immediate action. After all, such a sense of urgency is an old scam tactic.

Source: Live Coins

follow:
\