According to Cointelegraph, a new phishing campaign is targeting cryptocurrency investors by impersonating MetaMask, a popular self-custodial wallet. The campaign tricks users into revealing their wallet recovery phrases, as reported by blockchain security firm SlowMist. The attackers employ a fake two-factor authentication (2FA) security verification process, redirecting users to fraudulent domains through deceptive security warnings that request seed phrases.
Once users provide their wallet recovery phrases, their funds are stolen, warned SlowMist's chief security officer, 23pds, in a recent post on X. This wave of scams is a reminder that decentralized wallet protocols never ask users for their secret recovery phrases. These phrases are what give a user control over the wallet, and sharing them can lead to significant financial losses.
The phishing emails involved in this campaign direct users to fake domains that mimic MetaMask, urging them to enable 2FA quickly to avoid losing access to key wallet features. The final step in this fraudulent process asks users for their 12-word seed phrase to complete the so-called 'security setup.' Crypto phishing scams typically involve hackers sharing fraudulent links to steal sensitive information, such as crypto wallet private keys.
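As an added illustration (not code from Cointelegraph, SlowMist or MetaMask), the lure described above can be expressed as a mail-filter heuristic: a MetaMask-branded message that pushes 2FA and links outside the official domain, or that asks for a recovery phrase at all. It assumes `metamask.io` is the only official domain; the sample messages and `.example` hosts are constructed.

```python
import re
from urllib.parse import urlsplit

OFFICIAL = "metamask.io"  # assumption: the only domain treated as official
BRAND = re.compile(r"metamask", re.I)
LURE_2FA = re.compile(r"\b(2fa|two-factor|verification)\b", re.I)
PHRASE_ASK = re.compile(r"\b(seed|recovery)\s+phrase\b|\b12[- ]word\b", re.I)
URL = re.compile(r"https?://[^\s<>\"')]+", re.I)

# Constructed sample messages (not taken from the real campaign).
PHISH = ("MetaMask security notice: enable 2FA within 24 hours to keep "
         "wallet access: https://metamask.io.verify-2fa.example/setup")
LEGIT = "Your MetaMask 2FA question is answered at https://support.metamask.io/"


def is_official(host: str) -> bool:
    """True only for metamask.io itself or a genuine subdomain of it."""
    host = host.lower().rstrip(".")
    # Suffix match on a dot boundary, so 'evilmetamask.io' and
    # 'metamask.io.verify-2fa.example' both fail.
    return host == OFFICIAL or host.endswith("." + OFFICIAL)


def score_email(body: str) -> dict:
    """Return the signals found in one message body plus a verdict."""
    hosts = [urlsplit(u).hostname or "" for u in URL.findall(body)]
    unofficial = sorted({h for h in hosts if h and not is_official(h)})
    signals = {
        "mentions_brand": bool(BRAND.search(body)),
        "lure_2fa": bool(LURE_2FA.search(body)),
        "asks_phrase": bool(PHRASE_ASK.search(body)),
        "unofficial_links": unofficial,
    }
    # The email may only carry the 2FA lure and the link; the phrase request
    # can appear later on the landing page, so either pattern is flagged.
    signals["phishing"] = signals["mentions_brand"] and (
        signals["asks_phrase"] or (signals["lure_2fa"] and bool(unofficial))
    )
    return signals


if __name__ == "__main__":
    for name, msg in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, score_email(msg))
```

The dot-boundary suffix check is the part that matters most: a substring or prefix match on the brand name would accept exactly the kind of mimicking host the campaign relies on.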
Phishing scams have been a persistent issue in the cryptocurrency space, but the decreasing number of incidents suggests that investors are becoming more aware of these threats. A report from Web3 security tool Scam Sniffer indicates that losses from phishing scams decreased by 83% year-over-year, falling to $83.3 million in 2025 from $494 million in 2024. The number of phishing scam victims also dropped by 68% year-over-year, from 332,000 victims in 2024 to 106,000 in 2025.
Despite the overall decline, losses from phishing attacks peaked in the third quarter of the year, coinciding with the market's most active period. This suggests that phishing losses are closely tied to market activity. Scam Sniffer noted that when markets are active, overall user activity increases, leading to a higher probability of users falling victim to phishing scams. Scammers often impersonate popular brands to build trust with their victims, and MetaMask, with over 100 million annual users and 244,000 connected decentralized applications, is a prime target for such impersonation.
