MetaMask and Phantom wallets were targeted in the latest $500K phishing attack that has seen funds being stolen from the users’ wallets according to Check Point Research reports that we have in our latest cryptocurrency news today.
Check Point Research discovered a crypto phishing campaign that saw the funds stolen from MetaMask and Phantom wallets as both Pancake and Metamask websites were mimicked in the scam. The research showed a huge search engine phishing campaign that has resulted in half of million dollars worth of crypto stolen from the users:
“Over the past weekend, Check Point Research encountered hundreds of incidents in which crypto investors lost their money while trying to download and install well-known crypto wallets or change their currencies on crypto swap platforms like PancakeSwap or Uniswap. “
One Reddit user added:
“I just installed the phantom wallet and somehow I ended up downloading the scam. I am somewhat new to wallets.”
ADVERTISEMENT
The scam was hitting MetaMask and Phantom users as two popular wallets with the scammer’s mimicking legitimate websites almost as they would the original. The report added that the researchers spotted a few phishing websites over the weekend that looked like the original website because the scammers copied the design. For the Phantom domain, the users were encountering phishing domains like Phanton.app or Phantonn.app as opposed to the original “phantom.app.” The same was true for the scammer’s MetaMask tactics that saw domains like MetaMask appear in Google ad campaigns in the case of Metamask where the scammers tried to steal the user’s private keys to access their wallets in the phishing attack. The CRP said:
“What makes this phishing campaign unique is the fact that the scammers are not sending phishing links via email like traditional phishing scams. Instead, they are using Google ad campaigns to make their phishing websites appear before the original site when anyone searches the keyword.”
But is there something that the users can use to help themselves? CRP provided cautionary steps for the crypto users like looking at the first website in your search results and making sure that it is not an ad. The users should not give out their passphrase all while they are double-checking their URLs.
ADVERTISEMENT
- access
- Ad
- All
- app
- Campaign
- Campaigns
- change
- crypto
- Crypto News
- cryptocurrency
- Cryptocurrency News
- currencies
- Design
- discovered
- dollars
- domains
- Editorial
- First
- Free
- funds
- HTTPS
- huge
- Hundreds
- Investors
- IT
- keys
- latest
- looked
- Making
- MetaMask
- million
- money
- news
- offer
- phantom
- phishing
- phishing attack
- phishing campaign
- Platforms
- policies
- Popular
- private
- Private Keys
- report
- Reports
- research
- Results
- Scam
- Scammers
- scams
- Search
- search engine
- set
- standards
- stolen
- tactics
- Uniswap
- us
- users
- Wallet
- Wallets
- Website
- websites
- weekend
- worth
