- Scammers use government-owned URLs to scam MetaMask users.
- Manipulated sites include those of Nigeria, Egypt, Colombia, Brazil and India.
- The crypto industry suffers increased theft and attacks as it continues to grow.
Crypto scammers are continually diversifying their methods and are now using government-owned website URLs to deceive victims, gain access to their crypto wallets, and steal their assets.
According to a report by Cointelegraph, scammers have manipulated government sites from India, Nigeria, Egypt, Colombia, Brazil, Vietnam, and other countries and used them to redirect users onto false MetaMask sites.
MetaMask, an Ethereum-based crypto wallet service, has been the target of hackers and scammers for a while now. In most incidents, scamming users out of their crypto assets involves the scammers directing unsuspecting users to fictitious websites and requesting access to their MetaMask wallets.
When users visit the fabricated government sites and click on one of the malicious links, they are instead taken to a phony URL called “MetaMask.io” rather than the real URL “MetaMask.io.” Once the page is accessed, Microsoft Defender, Microsoft’s built-in security program, alerts users to a potential phishing attempt.
If users disregard the warning, they are met by a website that looks like the official MetaMask website. The real and fake websites have very similar interfaces, which causes users to fall for the scam. The fake site even has the MetaMask fox icon and a clean interface mimicking the real cryptocurrency wallet platform.
However, upon clicking on some of the links and features on the fake site, one quickly discovers that most do not function properly and the site is phony. The links fail to connect to useful pages or wallet tools and only the download button remains active.
The download button causes the user to download a fake MetaMask APK file that grants the scammers full control of the user’s MetaMask wallet. In other cases, in order to access various services on the platform, the fraudulent websites will request that users link their MetaMask wallets. This is likely to cause the users’ seed phrase to be compromised, giving hackers full control over their cryptocurrency holdings.
Increased Crypto Attacks
Regarding the increased phishing scams, MetaMask’s security team said: “We are building in some heuristics (metadata, indicators, TTPs, etc.) from this current campaign into our detection engines to hopefully detect any more of these attacks as soon as they launch and take steps to take them down before they reach users — or at the very least minimize the exposure.”
The company urged users to stay alert and on the lookout for scams amid the increase in crypto attacks. MetaMask also advised users to stop using their seed recovery phrase in the event of a seed phrase compromise. Instead, they should create a new one using a secure device to prevent more losses or damage.
This year, MetaMask has reached an average of 21 million active users per month. As such, it comes as no surprise that scammers are increasingly seeking to use the platform and its crypto wallet to swindle users and take their digital assets.
As early as 2019, Finance Magnates issued a warning concerning the removal of fake MetaMask apps from the Google Play Store. In 2021, reports of a phishing assault that sought to acquire the personal information of MetaMask users by impersonating customer service began to surface.
Last year, the app’s developers warned about phishing attempts exploiting Apple devices. The iCloud app’s security flaw allowed scammers to gain access to users’ wallet seed phrases.
Aside from MetaMask, the entire crypto industry has seen a surge in the number of crypto attacks, hacks, and scams. According to a report released by CertiK, the industry has lost $997 million year-to-date to crypto crimes. Of this, July was the highest month, with a loss of $303 million.