Recently we have read about the experiences of some users who experienced the theft of their funds in Metamask wallets, which is an unfortunate fact, since we are talking about resources that have been achieved with effort and relying on various projects on the blockchain. Although some users have commented on being cautious with their passwords and not having provided them, I have read that Phishing is still one of the most common ways to steal and scam users of these wallets.
Image edited by @yusvelasquez, original from pixabay.com.
In case you have not heard this term before, "Phishing" refers to a fraudulent way of obtaining confidential information through deception, and in the case I want to tell you about, using fake applications that impersonate the original.
And maybe some people are very careful and avoid visiting unknown web pages, but when this web page is the first search option in Google, maybe they can find us with our guard down. And this has been a quite common way to scam the owners of this popular wallet, I have come across news alerting about the large number of people who were victims of this type of fraud for trusting a Google search ad.
When installing Metamask we have the option of creating a new wallet or importing an existing one, as the scammers are exploiting this second option, using a fake domain and a malicious website identical to the original, and paying a Google ad to reach the top of the search list trying to impersonate the original.
Scammers create sites identical to the original to steal the secret phrases. Screenshot taken from Metamask.
What happens with these fake sites is that if we select the option to import wallet, it will ask us to provide the recovery phrases, which are sent to the criminals, and as soon as they get it, they proceed to empty the victim's wallet.
Apparently there have been many paid ads that have been used to scam users, as I have consulted sites such as installmetamask.com, meramaks_io and metamas, maskmeha.io have been found. And although in some cases the spelling can give us a warning sign, many would overlook it as it is the first option shown by the search engine, and once on the page it would be difficult to differentiate the fake site from the real one, as they are almost identical.
This form of scam was alerted by Metamask, in the following image we can see a screenshot that they shared on their twitter account, where they detail how a paid ad on Google pretended to be the official site of the wallet, see that the first option when searching for "metamask" in the search engine was the fake site, and that the real one was located as the second option, but we will notice that the domain of the first one is maskmeha. io and although both pages have the name "MetaMask" in the fake site the "k" is different, it contains the ending ".io" and the word "Home".
Image edited by @yusvelasquez, original image taken from twitter @Metamask.
And it seems that search engines do not do enough to stop this type of scam, as several youtubers have continued to warn about this type of modality.
Metamask's twitter account has warned about several forms of Phishing related to their wallet, another of the modalities they reported was to receive guidance through an account that "seems normal" and where they suggest filling out a help form on Google sheets, in which "asks for your secret recovery phrase".
Screenshot taken from twitter @Metamask.
Another of the methods used is through emails, and for which Metamask has informed that they do not collect our email, so if we receive an email requesting to verify our account it is definitely a trap.
Screenshot taken from twitter @Metamask.
As you can see my friends, scams and malware attacks are the order of the day, and seem to be frequently targeting Metamask users, perhaps because of the popularity of this wallet. So we must pay close attention to the sources from where we download the wallet, for example if we update the operating system and we must reinstall it, we must access the service from official and direct links and not redirected by third parties or be attentive to the domain of the page when we do a Google search, as there must be many fake applications out there.
Thanks for reading friends, I hope you find the information useful!