There’s a new phishing bot that’s targeting unsuspecting MetaMask users. The digital currency wallet warned its users against the bot on Twitter. It reportedly poses as an instant support portal before attempting to mislead the users into giving up their seed phrases.
MetaMask has soared in popularity in recent years amid the rising adoption of digital currencies. The wallet recently revealed that it had crossed the five million users’ mark. It attributed the milestone to its rapid growth in the global south including India, Indonesia, Vietnam and Nigeria. This milestone came just six months after it hit one million users.
The rise of MetaMask has made it a target for scammers and the latest is targeting social media users. MetaMask took to Twitter to alert its users of the phishing bot
🚨PHISHING ALERT!: a new type of phishing bot is becoming active. 🎣
👨🏻Comes from an account that looks “normal” (but few followers)
📑Helpfully suggests filling out a support form on a major site like Google sheets (hard to block).
🪝Asks for your secret recovery phrase. pic.twitter.com/EeHumnmzbE
— MetaMask (@MetaMask) May 3, 2021
The bot uses an account that looks “normal,” but with few followers, the wallet revealed. It “helpfully suggests filling out a support form on major sites like Google Sheets which are hard to block,” MetaMask further stated. On the Google Sheets, the bot tries to get the user to key in their seed phrase, through which they surrender control of their wallets to the scammers.
MetaMask reminded its users that the easiest way to avoid such scammers is to only seek support from within the app.
“You will find that MetaMask always directs to our own domain, http://support.metamask.io. You don’t have to take my word for it! Check the menu in app!”
The wallet also called on its vast community to assist it to take down such scammers by reporting them whenever they encounter them.
MetaMask is no stranger to phishing attacks. In one of the biggest attacks on its users, MetaMask reported a scam campaign in December that was mimicking its website and stealing from unsuspecting users.
In a blog post, the MetaMask team stated, “In a rotten seed phrase attack, a malicious website mimics the website of the wallet the user is trying to install. The fake website takes the user through an imitation of the wallet’s onboarding flow directly inside of the scammer’s website (instead of where it would typically occur after the wallet is installed).”
Towards the end of the fake onboarding process, the scammers instruct the user to back up their seed phrase as is the norm. “However, the seed phrase provided was previously generated by the scammer. After backing up this rotten seed phrase, the user is taken to the wallet’s real website, and is instructed by the scammer to install the wallet and import the rotten seed phrase.”
At this point, the scammers have taken full control of their victim’s MetaMask wallet and once he funds the account, they drain it instantly.
MetaMask further revealed at the time that such scammers were even promoting their scams via paid ads on Google.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.