Security News > 2022 > June > New MetaMask phishing campaign uses KYC lures to steal passphrases
A new phishing campaign is targeting users on Microsoft 365 while spoofing the popular MetaMask cryptocurrency wallet provider and attempting to steal recovery phrases.
The phishing email, appearing to be sent from MetaMask support, spoofs a Know Your Customer verification request and features convincing branding and no typos or other obvious scam giveaways.
While the real MetaMask doesn't require its users to verify or provide KYC details, dealing with verification requests can be a frustrating experience, possibly causing recipients to be less cautious.
Interestingly, the phishing actors even give the recipients a comfortable deadline of up to a whole month to take action to verify themselves, which is another false sign of legitimacy as phishing attempts usually involve urgency.
The actual MetaMask domain is "Metamask.io," whereas the phishing page uses "Metamask.io-integrated-status.com," which could pass as genuine to unsuspecting users.
If victims enter their passphrase on the phishing site, it goes straight to the threat actors, and often, it doesn't take long for the adversaries to take action and steal the victim's available funds and NFTs. How to stay safe.