Cryptocurrency wallets are in the eye of cybercriminals. Likewise, phishing campaigns that cybercriminals prefer in times of pandemic. In view of this, MetaMask, a famous cryptocurrency wallet company, warned about new phishing bot. This bot tries to steal users’ recovery phrase. Specifically through a google Docs form.
Thanks to its popularity, MetaMask is one of the main targets of hackers and scammers. At the end of April, the company reached a record five million active monthly users. As a result, users have already suffered cyber-attacks. Previously, MetaMask detailed a “rotten seed phrase attack” in December 2020. In this, a malicious website mimicked the website of the wallet the user was trying to install. In this way, the fake website generated a seed phrase that allowed the fraudsters to control the wallet once installed.
Fooled via Google Docs
The cryptocurrency wallet provider alerted its users through a tweet. In this it communicated that the bot tries to direct users to a supposed “instant support” portal. In that portal, users were required to enter information into a Google Docs form. The form asks for the users’ secret recovery phrase. Which can be used to respawn users’ cryptocurrency wallets.
In the face of this, MetaMask stated that it does not have a Google Docs-based support system. So the company urged users to seek support from the “Get Help” option. Which they find within the MetaMask application itself. And thus avoid being scammed. Likewise, MetaMask also encourages users to report wallet impersonation scams and their services. In the same way they informed that users can do it from the app.
Despite the warning, some MetaMask users have already been scammed. At the moment, there is no response or alternative to recover the tokens of these users. Therefore, the invitation is to verify the source of information. And to avoid filling out forms or documents requesting personal information.