Malicious actors are using URLs of government websites from several countries to dupe users of the non-custodial cryptocurrency wallet MetaMask and steal their assets. According to Cointelegraph.
The report concerns government agency websites from India, Nigeria, Egypt, Colombia, Brazil, Vietnam, and other jurisdictions.
The fraudulent links redirect users to a counterfeit MetaMask site. Journalists noted that the Microsoft Defender security system warns of potential phishing on the page.
If users ignore the alert, they are redirected to a copy of the MetaMask site made with cameras. The platform asks users to link a wallet to access various services, which gives the scammers control over the victims’ assets.
In February, the MetaMask team warned users about phishing attacks via Namecheap’s external email service.