It has been reported that in a tweet published on May 3 (Monday), MetaMask warned users that the bot attempts to direct users to a purported “instant support” portal where they are prompted to enter information into a Google Docs form.
🚨PHISHING ALERT!: a new type of phishing bot is becoming active. 🎣 👨🏻Comes from an account that looks “normal” (but few followers) 📑Helpfully suggests filling out a support form on a major site like Google sheets (hard to block). 🪝Asks for your secret recovery phrase. pic.twitter.com/EeHumnmzbE — MetaMask (@MetaMask) May 3, 2021
However, the form asks for the secret recovery phrase that can be used to respawn users’ crypto wallets.
MetaMask stated that it does not have a Google Docs-based support system, urging users to seek support from the “Get Help” option within the MetaMask app itself to avoid being scammed.
MetaMask also encourages users to report scams impersonating the wallet and its services, noting customers can do so in the app. Due to its popularity, MetaMask is one of the top targets for hackers and scammers. The developer behind the wallet, ConsenSys, reported that it had hit a record 5 million active monthly users.
A new phishing bot doing the rounds is asking for MetaMask users’ seed phrases — don’t fall for it! https://t.co/XIVdlsJNUR — Cointelegraph (@Cointelegraph) May 3, 2021
Likewise, phishing attacks are a social engineering technique used by scammers to lure users into completing an action that reveals personal information or account details. In December 2020, MetaMask detailed a “rotten seed phrase attack,” in which a malicious website mimics the website of the wallet the user is trying to install.
Thus, the fake website generates a seed phrase that enables the scammers to control the wallet once it has been installed.