Fake MetaMask 2FA security checks lure users into sharing recovery phrases

[_act_]

Why should this fake link lure some people to the point that hackers will steal their coins on their noncustodial wallet?



You can see the link on the image above.

A noncustodial wallet can not force you to enable 2FA but some users will still be fooled with it and be scammed.

The link will take the Metamask users to a website where they can input their seed phrase to continue. If the seed phrase is written on the site, the wallet will be compromised.

What happened: https://cointelegraph.com/news/fake-metamask-2fa-security-checks-lure-users-into-sharing-recovery-phrases

[Nathrixxx]

Some don't know how to make some security checks to ensure that they are not in the wrong path, these scammers are on the rising than ever before, but when we are fortified with the level of information required, we will not be lured into any action by their tricks on us, we should have each wallet properly installed, then we should also get them from the official sites, maintain all the security measures that may be an extension that could bridge the security of our wallet and cause harm later on us at unaware.

[Sticky Bomb]

The link will take the Metamask users to a website where they can input their seed phrase to continue. If the seed phrase is written on the site, the wallet will be compromised.

This is the bait, users should neither share their seed phrases with any third party whether online or offline nor connect their wallet to any site, that is the very valid security measure to escape these phishing attacks.

They target ignorant and vulnerable people, I believe if people also adopt the habit of verifying and no trusting, they would go to their wallet first to check for such prompts before acting or even visit Meta mask official site to confirm if such information exists.

[Joy- maker]

Scammers are always improving their scamming skills from time to time, because they know people will definitely get familiar with their old skills and no longer fall for them. So We have to be very careful in what ever we do in this crypto space. The most target people by thiefs and scammers are those who are holding large amount of crypto in their noncustodial wallet.

And this their new tactics will definitely look strange to anyone who have being using noncustodial wallet for years now, because am pretty sure that noncustodial wallet doesn't ask users to set 2FA on their wallets by sending them messages. And directing users to a separate website in the process of setting the 2FA is a very big red flag and users of noncustodial wallet is suppose to know all this thing's by now. I have been using noncustodial wallet for years now non of my noncustodial wallet has sent me this type of message.

[coinlary]

It's just another form of social engineering and that's why it's very important to have sufficient knowledge about the crypto space at large before trying to delve into it.
I understand that it's possible that anyone can be scammed, but common sense should tell someone who has dedicated some time toward learning about what he's going into that there's a reason why it's called a non-custodial wallet, it should be fully controlled by the owner.

Hence, 2FA is a matter of choice as you've mentioned and besides, I'm not trying to mock victims but can't the victims reason how tf someone is sending an email to them about a wallet that doesn't require their email or any email. 

[Alpha Marine]

Just recently, I said that spotting scams does not require you to have Einstein's level of IQ. They're pretty easy to spot, but somehow people still fall for them simply because they lack knowledge. These things are common things that people should know. They should know that is not the way to set up 2FA. They are also supposed to know that you don't need to input your seed phrase anywhere. If people simply had the knowledge they wouldn't fall for these scams.
I don't know how people will learn about Bitcoin or Crypto and not know these simple things. The annoying thing is that all these things will keep happening. No matter how many times it happens, people still don't learn. I just don't understand it.
I will understand if they're sophisticated scams, but these petty ones are too stupid to fall for.

[Cookdata]

Some don't know how to make some security checks to ensure that they are not in the wrong path, these scammers are on the rising than ever before, but when we are fortified with the level of information required, we will not be lured into any action by their tricks on us, we should have each wallet properly installed, then we should also get them from the official sites, maintain all the security measures that may be an extension that could bridge the security of our wallet and cause harm later on us at unaware.

I'm not sure if scammers are on the rise, it's the same recycled scammers and the same victims. When they have a new pattern of scam that has been on the used for long. If they noticed that it's no longer bringing money like they expected, they introduced another pool of scam and used it until there is nothing in the pool they are making money any longer, this 2FA is just another one disguised into metamask but this has been in existence for long time.

I don't know how people will learn about Bitcoin or Crypto and not know these simple things. The annoying thing is that all these things will keep happening. No matter how many times it happens, people still don't learn. I just don't understand it.
I will understand if they're sophisticated scams, but these petty ones are too stupid to fall for.

When people preferred to used exchanges as a place to hold coin, most don't even know what seed phrase is about, neither do they even know that you can't get mailed by non custodial services that provide wallet for people. They don't know and it's either they know but don't care to know. The fact this made it to coin telegraph, there must have been a complaints from one or two victim that have their wallet address drained after wallet recovery exposure.

We are in time when there is no much going on with EVM chains, you might think this is it but trust me, there is more that will come.

[salad daging]

Why do they still believe in the security that is shared in the email as if it were real, even though this phishing email attack has occurred commonly, especially to the point of providing seed phrases to websites known as phishing domains.

Maybe vulnerable people usually don't think about verifying whether the email is legitimate or not, and can't distinguish between phishing sites and official ones, usually people who are in a hurry do stupid things.

2FA installation in Metamask does not ask for a seed phrase. https://docs.metamask.io/developer-tools/dashboard/how-to/two-factor-authentication/

[FirmWars]

I wonder why some people are still falling victim to this kind of scam, is it that they don't read or they don't learn just the few simple steps of security for their coins? Sometimes this security tips is not even what they need to go and search for but it is just on the wallet they are using, the security tips are given to them but I wonder why they don't pay attention to it meanwhile these tips are not even a wall of text like the terms and conditions of some platforms. Last time I created an address on meta mask, the security tips was there and it reads, "don't share your 12 secret phrase with anyone"  But still, after reading such a security tip, someone will fall victims meanwhile they have been told not to share their secret phrase with anyone. The easiest way to even get scammed is by following a sensitive link on your email, especially a link that you were not expecting just like this one.

[knowngunman]

This is the dumbest scam strategy I have come across so far this year. Lol the year is just beginning 

But tbh, only newbies or old fools can fall for this scam method. First of all, email address is not required using Metamask, it's optional in case you want to receive updates from them. This means they don't have the comprehensive email of all users and can not reach out to some users because they skipped the part of adding their email. Secondly, they already made it clear that they can never request for your back up keys. Every crypto user should be familiar with consequences attach to recovery keys sharing. If people still fall for this, then it means we are not learning anything.

[BitMaxz]

This is the dumbest scam strategy I have come across so far this year. Lol the year is just beginning 

For us it's the dumbest scam strategy because we know much about crypto and security flaws, but newbies or those people who don't have much knowledge can still fall for this trap.

I'm sure some people will still choose to protect their wallet and end up taking this opportunity to add 2FA for extra security. The only problem is dumb users always end up breaking the important rule, which is never share the seed backup with anyone, even if it is a wallet developer. I still saw some of them on Facebook, and I don't know why these newbies are always breaking this important rule. Actually, the MetaMask wallet always reminds you about the important security of the secret recovery phrase, but these newbies seem not taking it seriously.

I'm not going to fall for these traps, and most of the BitcoinTalk members here aren't either, since we are already aware of most of the scam attempts because we heard most of the similar threads like this one.

[Z-tight]

What a way to lose your coins, ignoring the number one rule as a crypto user. The number one rule is never to share your seed phrase with anyone, never enter it in any website or online. Your seed phrase should only be backed up offline, it is the basics that everyone should know.

No service will even make 2fa mandary, neither will any wallet software request your seed phrase. How many times do people need to be told this, because they are making it too easy for this scumbag scammers.

[Kavelj22]

Some don't know how to make some security checks to ensure that they are not in the wrong path, these scammers are on the rising than ever before, but when we are fortified with the level of information required, we will not be lured into any action by their tricks on us, we should have each wallet properly installed, then we should also get them from the official sites, maintain all the security measures that may be an extension that could bridge the security of our wallet and cause harm later on us at unaware.

The problem is clear. Users don't differentiate between types of wallets. A user who doesn't research and try to expand his knowledge, at least regarding his personal uses, would never imagine that a non-custodial wallet might not require 2FA activation or even an email address for contact.
And even after the incident happened and the loss is big, they might be sure that they were scammed by a scammer targeted them by emails and fake website, but never comes to their mind the right security measures with non-custodial wallets different from what they used to see with custudial wallets.

I said it many times: if you can't be responsible for your savings, it's much better you leave the space and return back to banking system.

[Ultegra134]

This is the dumbest looking scam attempt using Metamask's name I've seen. Honestly, do people still fall victims to such scams? Don't get me wrong, kudos to the OP for sharing it with the community, newbies (but not exclusively them) can be tricked into submitting their wallet credentials, but this? This is an emailing monstrosity. It looks like a 10 year old wrote it, if someone ends up scammed by this specific email then I'm going to be dumbfounded.

[EL MOHA]

The problem is clear. Users don't differentiate between types of wallets. A user who doesn't research and try to expand his knowledge, at least regarding his personal uses, would never imagine that a non-custodial wallet might not require 2FA activation or even an email address for contact.
And even after the incident happened and the loss is big, they might be sure that they were scammed by a scammer targeted them by emails and fake website, but never comes to their mind the right security measures with non-custodial wallets different from what they used to see with custudial wallets.

I said it many times: if you can't be responsible for your savings, it's much better you leave the space and return back to banking system.

The thing is that many of the naive users usually go for comfort instead of security checks and that’s why they are usually gotten easily by even scams which are looking like they won’t get to catch anyone. You might be actually looking at this scam as been dumb but seriously it actually can get many crypto users because they careless about their security.

2FA has always been one security check that many most especially those who uses custodial platforms are fond of as they belief it’s a an extra security layer and that’s why phishing scams like this can get them but for me it’s something that I haven’t actually value long term ago most especially with requiring handing out information to third party, the easiest and most reliable second layer of security on a wallet is adding of pass phrase to your seed phrase as this is more like extended seed and doesn’t requires handing out information to any one

[notocactus]

Why should this fake link lure some people to the point that hackers will steal their coins on their noncustodial wallet?

A noncustodial wallet can not force you to enable 2FA but some users will still be fooled with it and be scammed.

People got scammed by the trap because they don't understand about non-custodial wallets. With such wallets, it's their wallet mnemonic seed, it's their wallet, and it's their coins.

If they share or leak their wallet mnemonic seed, it's no longer their own wallet and anyone gets that information can import the wallet on their devices and steal coins from the original owner.

2FA or whatever reasons, never share your wallet mnemonic seed.

People must know that with non-custodial wallets, the advice is create your wallets offline!

[Karl_3000]

Scammers are always improving their scamming skills from time to time, because they know people will definitely get familiar with their old skills and no longer fall for them.

This is wrong because there is nothing that is new about this at all, it has been an old scam but just that 2FA is used this time but it is still the same phishing link that take people to a website that they can put their seed phrase which will be used to steal their coins on their self-custody wallet.

[Joy- maker]

Scammers are always improving their scamming skills from time to time, because they know people will definitely get familiar with their old skills and no longer fall for them.

This is wrong because there is nothing that is new about this at all, it has been an old scam but just that 2FA is used this time but it is still the same phishing link that take people to a website that they can put their seed phrase which will be used to steal their coins on their self-custody wallet.

You are very funny shall  , did you hear me saying that the 2FA scamming is new? Or you are just looking for troubles? Do you actually know what improving skills means? By way There are two paragraphs there, on the first paragraph I said scammers are always improving their scamming skills from time to time, so we have to be very careful, why because the most targeted people are those holding large amount of crypto. Then it was in the second paragraph I a made mention of the 2FA of a thing and talked about it. I know you never read my comment to understand it, you read it not to understand why because you want to prove nonsense. And the earlier you stop this madness, and move up, the better for you.
Further more I believe you know you are abusing the trust system, hope the day I will abuse it just Same way you are abusing it you will take it in good faith? Because one thing is sure and  I rest my case.

[Luzin]

2FA or whatever reasons, never share your wallet mnemonic seed.

Unfortunately, not everyone carefully checks whether a link is fake or from an official site. Hackers exploit users' psychology and build trust with addresses and appearances that closely resemble the real ones. So, what needs to be trained is not only that but also attention to detail. However, looking at this phishing example, it is an old model, and I think scammers are targeting beginners. I believe for experienced users, the likelihood of falling for this type of phishing is low. According to the reference sources, phishing victims in 2025 have already declined. This means users have become aware and are highly cautious about phishing attacks. IMO

[Karl_3000]

Scammers are always improving their scamming skills from time to time, because they know people will definitely get familiar with their old skills and no longer fall for them.

This is wrong because there is nothing that is new about this at all, it has been an old scam but just that 2FA is used this time but it is still the same phishing link that take people to a website that they can put their seed phrase which will be used to steal their coins on their self-custody wallet.

You are very funny shall  , did you hear me saying that the 2FA scamming is new? Or you are just looking for troubles? Do you actually know what improving skills means? By way There are two paragraphs there, on the first paragraph I said scammers are always improving their scamming skills from time to time, so we have to be very careful, why because the most targeted people are those holding large amount of crypto. Then it was in the second paragraph I a made mention of the 2FA of a thing and talked about it. I know you never read my comment to understand it, you read it not to understand why because you want to prove nonsense.

If you are wrong, just accept it than to be doing as if you are not wrong and that you know all. If I correct you, you are always doing as if you know what you are posting, this is another one after I corrected you on the thread that I created that you wanted to derailed.

There is nothing that you want to explain, this scam is not new and I quote you to correct you but you are doing as if you know all. People correct me and I accept but you are just very different. Just know that you do not know up to what you think you know and you are not better at all but you are blind to understand.

I am not abusing the trust system, first you lied that I did not understand Pidgin, second you were derailing my topic with spam. I have evidences and the links are on my trust feedbacks.

And the earlier you stop this madness, and move up, the better for you.

Brother teacher, your involvement in the matter that did not concern you and your arrogance blinded you to see your no sense posts.