A crypto intelligence firm has raised red flags about an increasing flow of comments in the crypto community about an ongoing phishing campaign, which is stealing funds from people who install a malicious browser extension.
Chrome Browser Extension Is Redirecting Crypto Users to a Fake Metamask Site
According to an alert published by Ciphertrace, since December 2, 2020, they have been noticing “an uptick of alerts and comments” about crypto funds stolen via a Chrome browser extension posing as the ethereum (ETH)-based wallet Metamask.
The fraudulent extension redirects victims to installmetamask.com, which is not an official site of Metamask. Per Whois information, the web domain was registered on November 29, 2020. Ciphertrace found out the first mention in Twitter of the fraudulent domain from a user who asked Metamask team about the site’s authenticity.
The screenshots taken to the fake MetaMask site mirrors the real one:
Fraudster Is Paying for Ads to Promote Phishing Site
Moreover, U.S.-based Ciphertrace posted an update on December 3, 2020, detailing that phisher behind Metamask’s fake extension keeps buying sponsored ads on Google, which appear when people search for “metamask” term.
This time, sponsored ads have been relying on other domain names by attempting to impersonate Metamask. One of the domains (meramarks.io), however, is offline as of press time.
The firm has been in contact with the crypto wallet company about the situation. Also, Metamask issued the following warning through their official Twitter account:
@Google is allowing a phisher to buy sponsored ads on their search results. When using crypto, try to use direct links, and if you need to use search, watch out for sponsored links.
Back on January 02, 2020, Google reversed its decision to ban the Metamask app from the Play Store, as per request from the crypto community.
In 2019, the company argued that its strict content policy on apps that expose users to “deceptive or harmful financial products and services” was a reason for the ban.
Have you or a friend been a victim of similar crypto-related phishing scams? Let us know in the comments section below.
Image Credits: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.