New phishing attack against MetaMask threatens users’ security
Scammers have launched a new wave of phishing disguised as a so-called “mandatory security update” for MetaMask. Users are redirected to fake pages containing security warnings, where they are prompted to complete a supposed mandatory two-factor authentication (2FA) check. During the process, victims are asked to enter their seed phrase, after which scammers gain full control over the wallet.
Source Incrypted
To increase credibility, attackers use fake websites and emails impersonating MetaMask, complete with deadlines and countdown timers. This scheme can deceive even experienced users, highlighting the need for vigilance.
Experts advise MetaMask users not to enter their seed phrases on third-party sites and to verify update notifications only through official channels. Failure to do so leaves users highly vulnerable to losing their funds.
