News

Halborn warns of active MetaMask phishing campaign

The blockchain security firm deconstructs a pretentious email that attempted to steal users' passwords

1 Aug 2022

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 1 Aug 2022

Graphic representing phishing with a hacker stealing data from one computer to anotheri

Shutterstock

Blockchain security firm Halborn has warned users against a new phishing campaign attempting to trick MetaMask crypto wallet owners into revealing their passphrases.

The modus operandi, as with most scams, is email. Halborn, upon receiving a scam email purporting to be from MetaMask on July 25, altered users to the active phishing campaign, implying the email thread ‘can easily pass as a real email from MetaMask’ when read ‘quickly and superficially’.

A closer look reveals various red flags, including a fake domain (metamaks.auction), an incorrect email address (Metamaks Support), and an unrelated server (unicarpentry.onmicrosoft.com).

The phishing email creates a sense of urgency by nudging users to comply with Know Your Customer (KYC) regulations before 8/30/22. “We require all customers to verify their wallets to continue using our service,” the email read.

Upon clicking ‘Verify your wallet’, users are unwittingly directed to a malicious site that prompts them to enter their passphrase. The SSL certificate associated with the pretentious MetaMask site adds to the trickery.

“The best defense against phishing attacks like these is to stay vigilant when receiving emails and think twice before doing anything that seems a bit unusual or potentially suspicious,” writes Luis Lubeck, technical education specialist at Halborn.

“If an email contains a link to be clicked, visit the site directly instead and find the target page from there. If an attachment is unsolicited and seems suspicious, call the sender, and confirm before downloading or opening it,” added Lubeck.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1657195741/itpro/Whitepaper%20covers/State_of_Salesforce_2022.png { display: none !important; }

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1657196714/itpro/Whitepaper%20covers/SAP_Migration_to_the_cloud.png { display: none !important; }

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1643881871/itpro/Whitepaper%20covers/Business_value_modernising_mainframe_thumb.png { display: none !important; }

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1657121008/itpro/Whitepaper%20covers/The_Total_Economic_Impact_Of_IBM_FlashSystem.jpg { display: none !important; }

Free Download