In order to trick investors and cryptocurrency users, it has been observed several times that attackers created clone websites of top companies to trick users. Recently, scammers have developed a cunning technique to target MetaMask users by using government-owned website URLs to deceive them into accessing fraudulent MetaMask websites.
When unsuspecting users click on these deceptive links within government websites, they are redirected to fake MetaMask websites that bear a striking similarity to the genuine platform. Despite Microsoft Defender’s warning about a potential phishing attempt, some users choose to proceed.
Once on the fake website, users are encouraged to link their MetaMask wallets to gain access to various services. Unfortunately, this action grants scammers full control over the assets held in these MetaMask wallets. Despite reporting the issue, MetaMask has not responded.
In April 2023, scammers managed to steal 5,000 ETH from multiple addresses across various blockchains, these funds were not directly stolen from MetaMask itself. The MetaMask team later conducted an exhaustive investigation to determine how these scams are being executed.
But for this recent ongoing trick by the scammer, no definite answers have appeared from the MetaMask. Currently, MetaMask has 21 million active monthly users. Due to its popularity, scammers are attempting to deceive users and abscond with their digital assets. In early 2021, there were reports of scammers posing as customer support to pilfer information from MetaMask users.
In an earlier report by Todayq News on October 25, 2022, attackers had used a chain of malware-infected domains to capitalize on user typing errors, spoofing well-known companies and apps like Google Play Store, Apkure, and Apkcombo. Users were duped into downloading infected apps that propagated malware, including the ERMAC trojan, which could pilfer private data. At least 27 companies and apps, including TikTok, Vidmate, Snapchat, PayPal, Notepad+, and Tor Browser, were targeted in these attacks.
On September 4, 2023, the SEC took legal action against 11 individuals for their role in running Forsage, a cryptocurrency scam that duped millions of investors globally, including those in the US, into giving them over $300 million. It’s both a pyramid scheme and a Ponzi scheme.