MetaMask Users Beware: Government Websites Turn into Crypto Traps

Tuesday, 05/09/2023 | 10:59 GMT by Damian Chmiel
  • MetaMask users are being targeted by scams that exploit government websites.
  • Fraudsters redirect them to fake MetaMask pages, putting their crypto assets at risk.
cryptocurrency scam

Online scammers are becoming increasingly sophisticated, using official government websites from various countries to deceive cryptocurrency users. For this purpose, they are once again exploiting MetaMask, a popular Ethereum-based crypto wallet, in an attempt to defraud investors from diverse jurisdictions. Once redirected to these fake MetaMask sites, users risk losing control over their crypto assets.

Official Gov Websites Redirect to Fake MetaMask

The scam that CoinTelegraph initially reported involves redirecting users from official government websites to fraudulent MetaMask sites. These websites are so convincing that they easily deceive users into thinking they are on the official MetaMask platform.

Once there, the fake site prompts users to link their MetaMask wallets, thereby giving scammers full control over the assets stored in those wallets.

Government websites from countries like India, Nigeria, Egypt, Colombia, Brazil, and Vietnam have been found to redirect users to these fake MetaMask sites. This raises concerns about the security measures in place on these government platforms and their potential involvement in the scam.

One such address is the Egyptian Consumer Protection Agency, which redirects from the search engine to a fake MetaMask website.

Source: Finance Magnates
Source: Finance Magnates

Users who visit this site will see a warning in their browser indicating that the site may be deceptive. However, if they ignore this warning, they will encounter a website that closely resembles the original MetaMask service.

The screenshots below show a striking similarity between the original and fake MetaMask page:

Original MetaMask webpage. Source: Finance Magnates
Original MetaMask webpage. Source: Finance Magnates
Fake MetaMask webpage. Source: Finance Magnates
Fake MetaMask webpage. Source: Finance Magnates

Rising Incidents of Scams Targeting MetaMask Users

In 2023, MetaMask boasts a monthly active user base of 21 million. Given its popularity, it's no surprise that scammers are increasingly attempting to exploit the app and its cryptocurrency wallet to defraud consumers and steal their digital assets. As early as 2019, Finance Magnates warned about counterfeit MetaMask apps being removed from the Google Play Store. In 2021, reports surfaced about a phishing attack that aimed to steal MetaMask users' information by posing as customer support.

Last year, the app's developers warned about phishing attempts exploiting Apple devices. Scammers used a security loophole in the iCloud app to access users' seed phrases for their wallets.

The cryptocurrency industry witnessed a spike in financial losses due to cyberattacks and vulnerabilities, reaching a year-to-date high of $303 million in July. The blockchain security firm, Certik published an update detailing these losses six weeks ago.

Earlier in July, Finance Magnates disclosed that cyber criminals had stolen $313 million in the year's second quarter, a figure nearly identical to the $320 million lost in the first quarter. Notably, losses attributed to exit scams alone saw a twofold increase, hitting $70 million.

Online scammers are becoming increasingly sophisticated, using official government websites from various countries to deceive cryptocurrency users. For this purpose, they are once again exploiting MetaMask, a popular Ethereum-based crypto wallet, in an attempt to defraud investors from diverse jurisdictions. Once redirected to these fake MetaMask sites, users risk losing control over their crypto assets.

Official Gov Websites Redirect to Fake MetaMask

The scam that CoinTelegraph initially reported involves redirecting users from official government websites to fraudulent MetaMask sites. These websites are so convincing that they easily deceive users into thinking they are on the official MetaMask platform.

Once there, the fake site prompts users to link their MetaMask wallets, thereby giving scammers full control over the assets stored in those wallets.

Government websites from countries like India, Nigeria, Egypt, Colombia, Brazil, and Vietnam have been found to redirect users to these fake MetaMask sites. This raises concerns about the security measures in place on these government platforms and their potential involvement in the scam.

One such address is the Egyptian Consumer Protection Agency, which redirects from the search engine to a fake MetaMask website.

Source: Finance Magnates
Source: Finance Magnates

Users who visit this site will see a warning in their browser indicating that the site may be deceptive. However, if they ignore this warning, they will encounter a website that closely resembles the original MetaMask service.

The screenshots below show a striking similarity between the original and fake MetaMask page:

Original MetaMask webpage. Source: Finance Magnates
Original MetaMask webpage. Source: Finance Magnates
Fake MetaMask webpage. Source: Finance Magnates
Fake MetaMask webpage. Source: Finance Magnates

Rising Incidents of Scams Targeting MetaMask Users

In 2023, MetaMask boasts a monthly active user base of 21 million. Given its popularity, it's no surprise that scammers are increasingly attempting to exploit the app and its cryptocurrency wallet to defraud consumers and steal their digital assets. As early as 2019, Finance Magnates warned about counterfeit MetaMask apps being removed from the Google Play Store. In 2021, reports surfaced about a phishing attack that aimed to steal MetaMask users' information by posing as customer support.

Last year, the app's developers warned about phishing attempts exploiting Apple devices. Scammers used a security loophole in the iCloud app to access users' seed phrases for their wallets.

The cryptocurrency industry witnessed a spike in financial losses due to cyberattacks and vulnerabilities, reaching a year-to-date high of $303 million in July. The blockchain security firm, Certik published an update detailing these losses six weeks ago.

Earlier in July, Finance Magnates disclosed that cyber criminals had stolen $313 million in the year's second quarter, a figure nearly identical to the $320 million lost in the first quarter. Notably, losses attributed to exit scams alone saw a twofold increase, hitting $70 million.

About the Author: Damian Chmiel
Damian Chmiel
  • 1950 Articles
  • 46 Followers
About the Author: Damian Chmiel
Damian's adventure with financial markets began at the Cracow University of Economics, where he obtained his MA in finance and accounting. Starting from the retail trader perspective, he collaborated with brokerage houses and financial portals in Poland as an independent editor and content manager. His adventure with Finance Magnates began in 2016, where he is working as a business intelligence analyst.
  • 1950 Articles
  • 46 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}