See More

MetaMask Cautions Vigilance After Latest Phishing Scam

2 mins
Updated by Geraint Price
Join our Trading Community on Telegram

In Brief

  • MetaMask users have received phishing emails asking pretending to verify the KYC details.
  • This was due to a compromise in Namecheap’s email service providers.
  • The wallet recently added a phishing detection alert feature.
  • promo

MetaMask warned its users not to reveal secret recovery phrases after a compromise of Namecheap’s email providers.

Crypto users are the favorite targets of hackers due to the sheer amount of funds locked with DeFi services. In 2022, hackers stole over $3 billion worth of crypto through various means, including phishing attacks.

Crypto phishing is when bad actors trick users into giving away access to their assets through Secret Recovery Phrase or other sensitive information.

Since Sunday, some users have received emails from MetaMask redirecting to a phishing website asking for their Secret Recovery Phrase.

MetaMask Users Once Again the Target of Hackers

As users have direct custody of their assets, it becomes easier for hackers to steal from not-so-tech-savvy wallet holders. Scammers have time and again used illicit services like Monkey Drainer contracts to extract the assets out of users’ wallets once they connect them to phishing websites.

This time hackers targeted the mailing service provider Namecheap by sending unsolicited emails. Namecheap is a domain name registrar and web hosting company.

Users received emails asking to verify Know Your Customer (KYC) requirements. The emails redirected users to phishing websites, which later asked users to enter their Secret Recovery Phrase.

MetaMask phishing email
Source: BleepingComputer

MetaMask warned that they do not collect KYC information from their users and will never email asking for it.

Due to multiple phishing attempts in the past, MetaMask recently added an optional phishing detection alert feature. With this feature, users get a warning when they connect their wallet to a phishing website.

A MetaMask spokesperson told BeInCrypto: “We have various anti-phishing initiatives: One of them is actively blocking users from interacting with known malicious domains. MetaMask manages this list, and many contributors from the ecosystem are pushing updates to this list. Since the inception of this initiative, we have had 11,512 pull requests to block 33,478 domains from 100 different contributors.”

Got something to say about MetaMask phishing attacks or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or Twitter.

For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.

Top crypto platforms in the US | April 2024
Coinbase Coinbase Explore →
AlgosOne AlgosOne Explore →
Chain GPT Chain GPT Explore →
iTrustCapital iTrustCapital Explore →

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Frame-2264-1.png
Harsh Notariya
Harsh Notariya excels in delivering SEO-optimized crypto news under tight deadlines. Previously, as a Growth Marketer at Sporty and a Community Consultant at Totality Corp, he significantly boosted community engagement and followers. Harsh also crafted engaging content for top crypto influencer Shivam Chhuneja, blending meme references for an educational yet fun experience. His versatile skills make him a notable figure in crypto journalism.
READ FULL BIO
Sponsored
Sponsored