According to the latest reports from the experts in Armorbox, hackers are now collecting information from users under a false KYC compliance pretext. The attackers are smoothly bypassing the security of Microsoft Office 365 and drafting emails to send across several financial industries.
Several investors’ most renowned crypto wallets to preserve their digital assets are MetaMask and Chaina. As several blockchain exchanges have made KYC-compliant wallets for users, it has become easier for scammers to target cryptocurrency investors.
The users are getting confused because the hacked email sent out for KYC compliance looks legitimately sent out from the MetaMask Support Team asking their customers to verify their wallet accounts by fulfilling the KYC requirements.
But, when the victim clicks on the link provided, it leads him to a spoofed verification page. According to the researcher who exposed the hacker’s activities, the email the victims received strictly claims to immediately fulfil the KYC details of MetaMask wallet; on failure, the user’s access shall be restricted.
🚨PHISHING ALERT!: a new type of phishing bot is becoming active. 🎣
👨🏻Comes from an account that looks “normal” (but few followers)
📑Helpfully suggests filling out a support form on a major site like Google sheets (hard to block).
🪝Asks for your secret recovery phrase. pic.twitter.com/EeHumnmzbE
— MetaMask 🦊💙 (@MetaMask) May 3, 2021
How can you keep scammers at bay?
There is very little that users can do to keep themselves protected from such scammers. However, financial organisations could augment built-in secure layers within their platforms to detect phishing threats.
Experts suggest that to keep yourself from being attacked by hackers, you must refrain from using similar passwords on several accounts or websites. Also, installing the MFA (Multi-Factor Authentication) filtration system can keep you safe from ongoing virtual scams, whether for personal or business purposes.