New Phishing Bot Detected by MetaMask

MetaMask has detected a phishing bot on its systems. The bot asks MetaMask users for a seed phrase using a Google Docs form mimicking support.

MetaMask, a crypto wallet provider, has notified its users about a new phishing bit that takes away seed phrases from users. The company stated this in a tweet posted on May 3, where it warned users that the bot mimicked official communication support from the wallet provider. The bot urged users to enter their information in a Google Docs form.

?PHISHING ALERT!: a new type of phishing bot is becoming active. ?
??Comes from an account that looks “normal” (but few followers)
?Helpfully suggests filling out a support form on a major site like Google sheets (hard to block).
?Asks for your secret recovery phrase. pic.twitter.com/EeHumnmzbE

— MetaMask (@MetaMask) May 3, 2021

Phishing user information

The Google Docs form requests users to relay a secret recovery phase, which can then be used to hack into user crypto wallets. MetaMask., however, informed users that it did not offer support through a Google Docs form. The wallet provider instead uses a ‘Get Help’ link on their app. Users are asked to seek this channel to avoid being defrauded.

The wallet provider also urges users to report any cases of fraud seeking to compromise their wallet. To report this, users can use the support option provided on the app. However, the warning by MetaMask came late as some users had already been conned, with some losing their tokens.

The rise in hacking attacks

MetaMask is highly popular, and this attribute has made it a significant target of hacking and phishing attacks. According to ConsenSys, the company behind developing the wallet, MetaMask, has more than five million active users each month.

A phishing attack is a technique used by threat actors to urge people to complete an action on their systems. Once a user proceeds with the move, their personal details are accessed, including account details.

This is not the first time that MetaMask is under attack by threat actors. In December 2020, the wallet provider revealed details of a malicious website copying their website and cheating users to install wallets. The fake website would then create a seed phrase that enabled hackers to control the wallet after installation.

Phishing attacks are not only targeted to new users on different platforms but also experienced users. In December 2020, the founder of Nexus Mutual was scammed into depositing around 370,000 Nexus tokens worth $8 million to a scammer wallet controlled by the hackers.

Phishing attacks have been a significant threat to people who have opened accounts on different wallets. Sometimes, people lose their personal information because of these attacks, with details such as phone numbers, email addresses, and location details being leaked.