משתמשי MetaMask ו-Phantom הפסידו יותר מ-$500,000 עקב דיוג
Researchers at Check Point Research (CPR) reported over $500,000 in user losses from a massive phishing campaign on the network.
According to CPR analysts, scammers took advantage of the popularity of cryptocurrency wallets MetaMask and Phantom, as well as advertising on Google to spread their phishing resources. The pages of the fake services were similar to the original ones, except that the applications installed from them were used to steal user funds.
Most of the attacks were recorded by CPR over the past weekend, when hundreds of complaints about incidents involving loss of funds while installing or downloading MetaMask and Phantom applications began to arrive. Some also complained about losing money after trying to exchange cryptocurrencies using Uniswap or PancakeSwap. However, we are talking, of course, about the fake sites of these popular resources, cleverly disguised by scammers as original ones.
The peculiarity of this phishing attack was that the attackers decided not to act in a “proven” way, by sending e-mails to victims with links leading to third-party websites or downloading malware. Instead, they took advantage of a massive advertising campaign on Google.
Unfortunately, not all users carefully checked the addresses of the sites from which they tried to download mobile applications for crypto wallets, so most of them came across the domains “phatnon.app”, “phantonn.app” and others instead of the original phantom.app. In the case of MetaMask, the difference was in additional symbols, for example, MètaMask.
Some of the victims turned out to be newcomers, so it was not difficult to deceive them, taking advantage of the lack of experience and knowledge in the crypto industry. Others have complained on Reddit about the theft of funds from wallets for amounts ranging from $1,000 to $10,000, claiming to have some experience in trading digital currencies.
One of the Check Point Research employees will note that today we are at the origins of a new type of fraud promoting phishing resources using Google Search as the main vector of attacks on cryptocurrency wallets. According to him, each resource has been carefully thought out in terms of the use of keywords that users drive into the search engine in order to be at the top of the search results.
Analysts stressed that the best way to ensure the security of your crypto wallet is to carefully check the address of the resources you visit. This simple, but no less effective way will help you save not only money but also the time spent in the future on unsuccessful attempts to recover the lost funds.
If you decide to try your hand at the world of cryptocurrencies, do it with a trusted and reliable partner - BINANCE
CoinShark is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. This article is for informational purposes, prepared on the basis of materials and information from open sources. Cryptocurrency is a high-risk asset, investments in it can lead to losses. Readers should do their own research before taking any action.