MetaMask Users Beware: Government Websites Turn into Crypto Traps

Online scammers are becoming increasingly sophisticated, using official government websites from various countries to deceive cryptocurrency users. For this purpose, they are once again exploiting MetaMask, a popular Ethereum-based crypto wallet, in an attempt to defraud investors from diverse jurisdictions. Once redirected to these fake MetaMask sites, users risk losing control over their crypto assets.

Official Gov Websites Redirect to Fake MetaMask

The scam that CoinTelegraph initially reported involves redirecting users from official government websites to fraudulent MetaMask sites. These websites are so convincing that they easily deceive users into thinking they are on the official MetaMask platform.

Once there, the fake site prompts users to link their MetaMask wallets, thereby giving scammers full control over the assets stored in those wallets.

Government websites from countries like India, Nigeria, Egypt, Colombia, Brazil, and Vietnam have been found to redirect users to these fake MetaMask sites. This raises concerns about the security measures in place on these government platforms and their potential involvement in the scam.

One such address is the Egyptian Consumer Protection Agency, which redirects from the search engine to a fake MetaMask website.

Users who visit this site will see a warning in their browser indicating that the site may be deceptive. However, if they ignore this warning, they will encounter a website that closely resembles the original MetaMask service.

The screenshots below show a striking similarity between the original and fake MetaMask page:

Rising Incidents of Scams Targeting MetaMask Users

In 2023, MetaMask boasts a monthly active user base of 21 million. Given its popularity, it's no surprise that scammers are increasingly attempting to exploit the app and its cryptocurrency wallet to defraud consumers and steal their digital assets. As early as 2019, Finance Magnates warned about counterfeit MetaMask apps being removed from the Google Play Store. In 2021, reports surfaced about a phishing attack that aimed to steal MetaMask users' information by posing as customer support.

Last year, the app's developers warned about phishing Phishing Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno Phishing is a form of cyber-attack in which fake websites, emails, and text messages are used to elicit personal data. The most common targets in this assault are passwords, private cryptocurrency keys, and credit card details.Phishers disguise themselves as reputable businesses and other types of entities. In certain instances, reputable government organizations or authorities are impersonated in order to collect this data.Because phishing relies on psychological manipulation rather than techno Read this Term attempts exploiting Apple devices. Scammers used a security loophole in the iCloud app to access users' seed phrases for their wallets.

The cryptocurrency industry witnessed a spike in financial losses due to cyberattacks and vulnerabilities, reaching a year-to-date high of $303 million in July. The blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp Read this Term security firm, Certik published an update detailing these losses six weeks ago.

Earlier in July, Finance Magnates disclosed that cyber criminals had stolen $313 million in the year's second quarter, a figure nearly identical to the $320 million lost in the first quarter. Notably, losses attributed to exit scams alone saw a twofold increase, hitting $70 million.