Warning to 30 million cryptocurrency users: ‘Verify your wallet’
Scammers are targeting cryptocurrency users and trying to steal people’s coins and tokens.
Aussie cryptocurrency users are being warned about a new scam that is trying to steal their funds.
MailGuard sounded the alert and said it had been blocking fake emails supposedly sent by MetaMask, a crypto wallet that has more than 30 million users worldwide.
Aussies have been told to look out for an email with the subject line, “Your wallet will soon be suspended” and the sender name “Meta-Mask”.
Also read: Warning over $16,000 crypto wallet scam
Also read: Crypto is bleeding: Time to buy or last chance to get out?
Also read: Tax 2022: How to lodge your cryptocurrency winnings and losses
The email uses MetaMask branding and tells the recipient to verify their crypto wallet before it is suspended the next day. The only thing that may raise alarm bells was the sender’s email address, MailGuard said, which appeared to be from a Japanese construction business.
By clicking the ‘verify your wallet’ button, users are taken to a website that is “almost an identical replica of the MetaMask website”. The user is then taken to a page that asks them to enter their recovery phrase words.
“If the victim enters their phrase words and clicks the ‘Recover Wallet’ button, they are redirected to the legitimate MetaMask website, none-the-wiser. The scammer will then be able to access the victim's wallet and will instantly transfer any crypto coins or tokens into their own account,” MailGuard said.
MetaMask said it would never email you about your account, and urged users to not click on any links or give out their recovery phrases.
Cryptocurrencies don’t have the same safeguards as regular banks and credit cards, MailGuard warned, so you may not be able to recover your lost funds if you were hacked.
Aussies lost more than $24 million to phishing scams last year - where scammers tried to trick you into giving out your personal information.
One red flag is if a business or provider contacts you out of the blue and asks you to update or verify your details.
Other warning signs include messages that don’t address you by name, or contain errors and website addresses that look unfamiliar, and ask for your details.
Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to our free daily newsletter.