The rise of crypto-based investments and platforms makes for lucrative breeding grounds for crypto-based scams and illegal activity.
This week, Bitdefender Labs is warning MetaMask users of an ongoing phishing campaign out for their crypto wallet private keys. The fraudulent emails, which are disguised as MetaMask requests urging users to verify their cryptocurrency wallets, seem to originate from IP addresses in Russia, China, the US and South Korea. Some 58% of the phony correspondence ended up in US inboxes, with 10% in Ireland, 9% in Denmark, 7% in South Korea, 6% in Sweden and 3% in the UK.
“Our system has shown that your MetaMask wallet has not been verified, this verification can be done easily via the button below,” the bogus email reads. “Unverified account will be suspended.”
The embedded ‘Verify MyMetamask’ button in the above email sample redirects users to a phishing website asking them to provide their wallet passphrase. Those who interact with the phony webpage and submit their recovery phrase are unwittingly giving the info to the scammers who can then steal their financial assets.
Making matters worse, stolen funds are almost impossible to get back. If you are a MetaMask user who has recently received a similar email, make sure you dismiss it and report it immediately.
Never share credentials or other sensitive information via links you received in unsolicited emails if you are not 100% sure that it comes from an official organization.
How to keep your crypto wallet and information safe
Crypto scams are everywhere. Fraudsters can contact you on social media via bogus investment ads, instant messages, phishing emails, and even on online dating websites. Here are our tips to help you protect your digital currencies and personal information online:
· Be suspicious of all unsolicited messages – whether it’s an email, direct message on WhatsApp or a security notification from your crypto wallet provider
· Never trust posts on social media that promise to double your money, even if they appear to be linked to a high-profile user account or famous individual
· Use strong, unique passwords for each online account and enable multi-factor authentication wherever possible
· Use a security solution to fend off malicious attacks and block phishing and fraudulent links
Do you want to know what the Internet knows about you so you can regain control of your digital privacy? Check out Bitdefender’s Digital Identity Protection service to learn the extent of personal data exposure in breaches and data leaks. You can stay on top of privacy threats and receive real-time alerts of data breaches to prevent account takeover attacks and potential financial damages.
You can also prioritize your digital safety by opting for our comprehensive 3-in-1 security and privacy solution to protect all your household devices from malicious and fraudulent activity no matter where your browsing takes you. With Bitdefender Premium Security, you get award-winning antimalware protection and benefit from advanced anti-fraud and anti-phishing filtering systems that warn you whenever you visit a website that may try to scam you. You also get a powerful VPN with unlimited traffic for your PC, smartphone and tablet plus a handy Password Manager to help you store your sensitive data passwords.