Multiple government-owned websites are being leveraged by crypto scammers to con visitors with fake redirection links related to the popular crypto wallet, MetaMask.
As the most popular Ethereum software wallet, MetaMask’s name is commonly invoked by scammers to invite victims into relinquishing access to their crypto. Its name now appears on government sites for India, Nigeria, Egypt, Colombia, Brazil, Vietnam, and others.
An investigation from Cointelegraph identified many such sites, viewable below.
By clicking the links on such websites, users are redirected fake MetaMask websites resembling the real Metamask.io. Security software like Microsoft Defender will automatically warn visitors upon entry that they may be accessing a phishing site.
The sites include prompts for visitors to connect their Metamask wallets to the site, which would give scammers total access to their funds.
MetaMask’s security team acknowledged that Web3’s growth makes it attractive to scammers and thieves. In a statement to Cointelegraph, the wallet provider said:
“We are building in some heuristics (metadata, indicators, TTPs, etc.) from this current campaign into our detection engines to hopefully detect any more of these attacks as soon as they launch and take steps to take them down before they reach users — or at the very least minimize the exposure.“
Metamask encourages users to report scams, and to not re-use recovery phrases for wallets that have already been compromised.
Back in May, the Federal Trade Commission issued a warning regarding MetaMask phishing scams plaguing users’ inboxes. Such emails, it said, claimed users’ wallets had been blocked, and prompted users to quickly click a link to update their wallet and recover their funds.
MetaMask denied claims in April that its wallet software had been directly hacked after some 5000 ETH was stolen from numerous addresses spanning 11 different blockchains.