MetaMask has warned users about a phishing campaign that impersonated two-factor authentication security alerts to steal wallet recovery phrases. The fake emails claimed users needed to update their 2FA settings by a specific deadline or face restricted access to wallet features.
Security researchers said the scam directed victims to fraudulent pages designed to capture mnemonic phrases, giving attackers full control over funds.
Industry experts urged users to verify sender addresses carefully and avoid clicking links in unsolicited emails. MetaMask reiterated that it never asks users to share recovery phrases or sensitive credentials.
Similar scams have surfaced in the past, exploiting fear and urgency to trick victims. Security firms stressed that even a single convincing email can lead to significant losses. The incident underscores the continued importance of user education, email vigilance, and cautious handling of security-related messages in the crypto ecosystem.
You need to login in order to Like
Leave a comment