Beware of Metamask phishing emails

[Ultegra134]

I received this email today, which is of course a phishing email, but it looked a little more believable compared to others I've received the past few months, it even has a "verified" tick next to their email. Never "manually" secure your account by connecting your wallet to an unknown service or platform, or even worse, input your private key because automatic validation "failed".

Unfortunately, there's still a reasonable amount of people who are unaware and fall victims to these scams.

[Orpichukwu]

The first method to detect a scam email without even trying to locate the error that might come with the email is that creating a Metamask wallet doesn't require users to input their email address before the wallet creation can be done; you just generate your wallet phrase or private key, and that's it.
 
So how can Metamask get your email address without you giving it to them? I personally discard any email that claims to come from all these wallet providers, and I know I have not given them my email address before. Receiving email from them alone is a scam.

[JeromeTash]

That blue checkmark is rather psychological to some users. It makes them believe as though the email is authentic, and yet it is not. I believe your email address must have leaked in one of those crypto related websites you signed for. So the scammer have an idea that you are into crypto.
It could have been something similar to the CoinMarketCap hack sometime back or the recent Coingecko hack.

[_act_]

It could have been something similar to the CoinMarketCap hack sometime back or the recent Coingecko hack.

You mean the email of users leaked on Coinmarketcap or Coingecko? It could also be the user itself submitted his email somewhere online. Even those that submit their email for Trezor newsletter got their email breached by hackers. But is there a way that someone will provide his email somewhere on Metamask? This phishing attacker is common to Metamask users. I guess the bad actor knows definitely that the user are using Metamask.

[Lucius]

I've never used this wallet because I simply didn't need it, and the fact that it only had a browser version in the past (if I'm not mistaken) was completely repulsive to me considering that it's just too big a risk. I understand that a lot of people need to use this kind of wallet considering what they do, but I see countless risks in all of this, not only because scammers target potential victims through phishing, but also how often we can read that someone has linked their wallet in this way he was left without everything.


@Ultegra134, maybe you didn't notice (or it doesn't matter too much to you), but the screenshot you posted reveals your e-mail address.

[coin-investor]

I received this email today, which is of course a phishing email,

In that case your email has been pawned or there is a data breach on one of the site where your email is part of the breach, you should check it using this tool Check if your email address is in a data breach

but it looked a little more believable compared to others I've received the past few months, it even has a "verified" tick next to their email.

Even scammers can use this feature to scam their recipients, if you do not know the sender or you have not opted to be part of their email database then its considered a spam, and besides Metamask never ask for emails so how come they will send you an update through email.

Never "manually" secure your account by connecting your wallet to an unknown service or platform, or even worse, input your private key because automatic validation "failed"

If they ask you for private keys then its a scam, no platform other than your wallet can ask your private key or seeds

[cryptomaniac_xxx]

I received this email today, which is of course a phishing email, but it looked a little more believable compared to others I've received the past few months, it even has a "verified" tick next to their email. Never "manually" secure your account by connecting your wallet to an unknown service or platform, or even worse, input your private key because automatic validation "failed".

Unfortunately, there's still a reasonable amount of people who are unaware and fall victims to these scams.

Yes, this is another classic example of the modus of scammers, they try to emulate those well known wallet and try to be spoof team with this kind of emails. It's good that you recognized this as a phishing email and hopefully we one will fall for it.

Not just in email though, even is SMS or text message, this scammers are very active, not just in crypto, but everything financial like banks. And as what others said, it's better to verify first and just don't try them.

[Ultegra134]

I've never used this wallet because I simply didn't need it, and the fact that it only had a browser version in the past (if I'm not mistaken) was completely repulsive to me considering that it's just too big a risk. I understand that a lot of people need to use this kind of wallet considering what they do, but I see countless risks in all of this, not only because scammers target potential victims through phishing, but also how often we can read that someone has linked their wallet in this way he was left without everything.


@Ultegra134, maybe you didn't notice (or it doesn't matter too much to you), but the screenshot you posted reveals your e-mail address.

Thanks, totally forgot about it! I Reuploaded the screenshot without it.

I'm not too fond of this wallet either, I've used it in the past when I was staking on Beefy or similar platforms. I've now stopped using it and withdrew all my funds, I also didn't feel safe using it and read quite a few stories of people getting scammed. I almost got scammed as well, but it was my fault, it just shows the vulnerabilities of such wallet.

That blue checkmark is rather psychological to some users. It makes them believe as though the email is authentic, and yet it is not. I believe your email address must have leaked in one of those crypto related websites you signed for. So the scammer have an idea that you are into crypto.
It could have been something similar to the CoinMarketCap hack sometime back or the recent Coingecko hack.

That's true, at it's quite common on social media pages, where you can practically purchase it for a small amount of money. That's actually an old email of mine which has been found in quite a few database leaks.

[robelneo]

I always hit spam on emails I'm unfamiliar with, and if they do not have an unsubscribe button, it's targeted spam and likely a scam attempt.
I checked the source of the email, and it's using the domain

Code:

qemailserver.com

My anti-virus is blocking it because of its invalid certificate; a legitimate site will always have a valid certificate.

URL: qemailserver.com
Reason: Invalid name of certificate. Either the name is not on the allowed list or was explicitly excluded. View certificate

[albon]

at it's quite common on social media pages, where you can practically purchase it for a small amount of money. That's actually an old email of mine which has been found in quite a few database leaks.

This may not be the original blue tick in the message you received. It may be one of the symbols used as a trick to make the sender’s email/name appear as if it actually has the original verification mark, or perhaps the scammers have used the BIMI feature provided by Gmail and Yahoo through their primary domain and their brand logo to obtain this verification mark that is given to the owners of organizations, companies, public figures and the like. For this reason, verification marks have become easy, as you mentioned, and can be purchased through social media. Therefore, the sender’s email and the content of the message are one of the clear signs that prove this phishing attempt.

I do not advise anyone to open the email links or download any attached files. Instead, rely on bookmarked official links in your browser. MetaMask is a secure wallet, and these phishing messages target all wallets and crypto platforms. Therefore, everyone should be aware of what they are doing and know the necessary security measures.

[aioc]

Even if they are using a blue tick that makes the email legit, we still have to follow the established advice of not connecting our wallet to platforms coming from emails.

Metamask clearly stated it in their article :

MetaMask will never send you unsolicited emails.
MetaMask will not and cannot initiate email correspondence with you.
We hold no personal identifying information such as names, email addresses, or otherwise — we don't collect these at any point whilst you're creating your wallet. This means we have no means of contacting you directly unless you specifically request it. And even then, there are only a few specific ways you can do this.

https://support.metamask.io/privacy-and-security/staying-safe-in-web3/i-received-an-email-claiming-to-be-from-metamask-is-it-legit

This kind of email is for newbies who are not aware of Metamask policy regarding emails.

[NotATether]

I receive this bullshit all the time. It is automatically thrown in the dumpster bin (aka. Spam).

[Lafu]

I receive this bullshit all the time. It is automatically thrown in the dumpster bin (aka. Spam).

Same here , and there are also a ton of other Fake / Phishing emails all the time.
I guess the first one i have seen was years ago and i also posted it somewhere (i think it was Meta) but at that time the Links was posted in the Forum.
There are so many fake mails for everything lately even you dont have an account on the website and service you get one.

[Ultegra134]

I receive this bullshit all the time. It is automatically thrown in the dumpster bin (aka. Spam).

I receive a bunch of them daily on this email address, however, a large number of them, especially cryptocurrency related ones slip through the spam folder and land in my inbox. Not sure if it's random or Yahoo is crap at identifying phishing and scam emails, or those emails are so sophisticated that manage to pass through their security. They're annoying either way.