MetaMask Warns Investors Against Phishing Attempts by Scammers

MetaMask, a popular supplier of cryptocurrency wallets, issued a warning to investors about continuous phishing efforts. These phishing attempts are being carried out by fraudsters who are trying to contact consumers using Namecheap’s third-party upstream system for emails.

The web hosting business Namecheap discovered that one of its third-party services had been abused in the evening of February 12 for the purpose of sending some unwanted emails, which were directed specifically against users of MetaMask. “email gateway problem” was how Namecheap referred to the situation in question.

In the proactive notice, MetaMask informed its million users that it does not collect Know Your Customer (KYC) information and would never contact users through email to discuss account details. This was done to ensure that users are aware that the company does not conduct KYC checks.

Phishing emails sent out by the hacker include a link that, when clicked, takes the recipient to a bogus MetaMask website that requests a confidential recovery phrase “to keep your wallet safe.”

Investors were cautioned by the provider of the wallet not to disclose their seed words, since doing so would give an unauthorized third party entire control over the user’s cash.

NameCheap has additionally verified that its services were not compromised in any way, nor did any customer information get compromised as a result of this incident. Namecheap acknowledged that their mail delivery was restored within two hours after the original notification, and that all future notifications will now come from the official source.

On the other hand, the primary problem with the sending of unwanted emails is still being looked at at this time. When dealing with correspondence from MetaMask and Namecheap, investors are cautioned to double examine any website URLs, email addresses, and points of contact provided by the companies.

A hacker utilized Google Ad services in January to steal nonfungible tokens (NFTs) and cryptocurrencies from investors. This incident took place in January.

After inadvertently installing malicious malware that was placed in a Google advertising, the NFT influencer known as NFT God suffered “a life-changing amount” of loss.

The event took place when the influencer used the Google search engine in order to download OBS, which is open-source software for video streaming. However, he chose to click on the link that led to a sponsored advertising rather than the legitimate link, which resulted in a loss of financial resources.


Tagged : / / / / / / / /

OpenSea email over inactive NFT listings sparks Twitter debate

Twitter users reacted negatively to an OpenSea email sent to users who still had inactive listings on their accounts. In the email, OpenSea explained that old NFTs listings are still fulfillable, and should be canceled by the user because OpenSea is unable to cancel them on their behalf. They claimed this would “prevent any of your items from being sold at the inactive listing price,” due to Ethereum’s (ETH) dropping price.

According to the NFT collector @dingalingts and other users, this warning had the opposite effect and canceling the listing ended up recreating the order. @Dingalingts tweeted a thread urging users to “FIRST transfer your NFT to a different address and cancel the listing/s on the original address BEFORE” canceling them.

He cites another user @swolfchan.eth who claimed that he lost at least 15 ETH. After canceling a Mutant Ape Yacht Club listing, it was relisted for 6 ETH but someone waiting in the ETH mempool ended up selling the NFT in the same block by front-running the cancellation.

While some users like @roundcatcrypto commented to @swolfchan.eth “This one’s on you man. Don’t play with company because you were trying to save a couple bucks,” others rallied in support of him and @dingalingts.

Alex Attalah, co-founder of OpenSea, responded to @swolfchan.eth’s thread, tweeting that they “have a team working on it and putting up a countermeasure now.” @swolfchan.eth followed up and asked if he could expect a reimbursement, but received no response.