Halborn warns of active MetaMask phishing campaign
The blockchain security firm deconstructs a pretentious email that attempted to steal users' passwords

Blockchain security firm Halborn has warned users against a new phishing campaign attempting to trick MetaMask crypto wallet owners into revealing their passphrases.
The modus operandi, as with most scams, is email. Halborn, upon receiving a scam email purporting to be from MetaMask on July 25, altered users to the active phishing campaign, implying the email thread ‘can easily pass as a real email from MetaMask’ when read ‘quickly and superficially’.
A closer look reveals various red flags, including a fake domain (metamaks.auction), an incorrect email address (Metamaks Support), and an unrelated server (unicarpentry.onmicrosoft.com).
The phishing email creates a sense of urgency by nudging users to comply with Know Your Customer (KYC) regulations before 8/30/22. “We require all customers to verify their wallets to continue using our service,” the email read.
Upon clicking ‘Verify your wallet’, users are unwittingly directed to a malicious site that prompts them to enter their passphrase. The SSL certificate associated with the pretentious MetaMask site adds to the trickery.
“The best defense against phishing attacks like these is to stay vigilant when receiving emails and think twice before doing anything that seems a bit unusual or potentially suspicious,” writes Luis Lubeck, technical education specialist at Halborn.
“If an email contains a link to be clicked, visit the site directly instead and find the target page from there. If an attachment is unsolicited and seems suspicious, call the sender, and confirm before downloading or opening it,” added Lubeck.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
Using WinRAR? Update now to avoid falling victim to this file path flaw
News WinRAR users have been urged to update after a patch was issued for a serious vulnerability.
-
Amazon CEO Andy Jassy doubles down on the company's AI focus
News Amazon CEO Andy Jassy thinks companies need to "lean into" AI and embrace the technology despite concerns over job losses.