Criminals are getting smarter and we need to be one step ahead of them, no matter how difficult it is. I have always been told never to give my private key or seed phrase to others, but now people scam by spreading seed phrases, it's so stupid and greedy for what they do. You will lose all your money in return, never trust a project or a website that forces you to enter 12 keys and understand it is just a scam and we need to be alert.
It is always a must not to share your private keys or even QR codes because in this digital age, scammers are even smarter than us. They will always find ways to scam other people because its their job that sustain their daily living. Everything that seems so suspicious should not be tolerated and as much as possible, never entertain people or websites that are almost indulging your privacy. I thought only private keys can get steal, but now also QR codes. This is the reason why we should always stay alert and cautious. 
Topic: Be Careful Sharing The QR Code Of Your Wallet Too (Read 318 times)
Criminals are getting smarter and we need to be one step ahead of them, no matter how difficult it is. I have always been told never to give my private key or seed phrase to others, but now people scam by spreading seed phrases, it's so stupid and greedy for what they do. You will lose all your money in return, never trust a project or a website that forces you to enter 12 keys and understand it is just a scam and we need to be alert.
Thanks so much for the advice. This world is an advance place due to technology advancement, small mistakes will lead to a very huge lost, most especially wallets keys that give access to all token and assets in the wallet, once some scammers were able to access your key all tokens were gone. This is a very good advice I hope newbies like me will take note of this.
Yes, I believe QR codes infected with malware constitute a new concern. When you scan the code, a malicious code will record information about your wallet which can be used to commit fraud. Scanning should be done with care.
Wow, I never realized this myself if it turns out that fraudsters have been able to create fake QR codes that can scan all the information of other people who scan their codes, this is really scary because fake QR codes and real ones are indistinguishable.
Oh, wow that's anew one. I honestly didn't know that. And looking critically at it, its a huge security breach. I just checked my mobile Metamask, and truly, they have disabled that share option. So kudos mate, for bringing this up. By the way, many malicious actors would hate your guts for this
Usually QR also has data for access to our wallet. Even if we open Myetherwallet there to get the private key. We will also be shown with a QR code. We need to be more careful to store our wallet access. Accessing a QR account is required.
It seems we are missing a point here.
The QR code which was shared by the user was associated with his private keys.
#3 Tweet specify the exact communication of NFT guy with the fake mod. They clearly mentions that it was private key which got shared by mistake. I am pretty sure there is low chance that the tech will be able to extract the private keys from the public key. This way not only MetaMask but the whole other wallets will be compromised / should have been compromised by this time as they use the same synchronisation protocol.
It's really a good share btw because everyone should have their eyes wide open before sharing their qr codes. Good insane tip is to keep both of them separate and only keep the public keys handy while sharing.
The QR code which was shared by the user was associated with his private keys.
#3 Tweet specify the exact communication of NFT guy with the fake mod. They clearly mentions that it was private key which got shared by mistake. I am pretty sure there is low chance that the tech will be able to extract the private keys from the public key. This way not only MetaMask but the whole other wallets will be compromised / should have been compromised by this time as they use the same synchronisation protocol.
It's really a good share btw because everyone should have their eyes wide open before sharing their qr codes. Good insane tip is to keep both of them separate and only keep the public keys handy while sharing.
A bit such incident happened with me. I store my 2fa QR code image in my email and somehow it’s stolen by hacker even though at first i didn’t found any clue how it happened than i observed it’s leaked from my QR code. Thanks for your post to alerting in here.
This is why I don’t sent any details on email because it can compromise and its too risky. Hackers has a lot of ways to hack people, sharing QR code of your address might also be risky, better not to try it at all. Store all your important information online, this could save you a lot from any trouble especially now the market is getting better so you might want to be safe.Actually we had better store all our passwords and keys vice versa off-line, on paper in the place where nobody has access to. If you store it somewhere in your computer, a hacker can send you a letter with virus for example, and this way your computer will be hacked and all information will be stolen. So personally I have put all my keys in my notebook.
Yes, I believe QR codes infected with malware constitute a new concern. When you scan the code, a malicious code will record information about your wallet which can be used to commit fraud. Scanning should be done with care.
A bit such incident happened with me. I store my 2fa QR code image in my email and somehow it’s stolen by hacker even though at first i didn’t found any clue how it happened than i observed it’s leaked from my QR code. Thanks for your post to alerting in here.
This is why I don’t sent any details on email because it can compromise and its too risky. Hackers has a lot of ways to hack people, sharing QR code of your address might also be risky, better not to try it at all. Store all your important information online, this could save you a lot from any trouble especially now the market is getting better so you might want to be safe.Actually we had better store all our passwords and keys vice versa off-line, on paper in the place where nobody has access to. If you store it somewhere in your computer, a hacker can send you a letter with virus for example, and this way your computer will be hacked and all information will be stolen. So personally I have put all my keys in my notebook.
You have heard about never share your private key or recovery phrase but sharing qr codes is as dangerous.
There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
Other cases:
Edit: metamask has disabled the qr code feature as of now.
With the way the crypto space is growing and the push for scammers to get to their victims in any way they can, I would say it's better not to share any information other than wallet addresses with anyone or even store it on your frequently used device, offline is always best . Also, better to just share the wallet address but anything short of that, just keep it to yourself, the reason being, I used to know you could scan a QR code instead of sending an address but with this new development, let someone not get mixed up, then just a better wallet address to share. There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
Other cases:
Another similar case: https://mobile.twitter.com/_jeffnicholas_/status/1430323445057744897
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
Edit: metamask has disabled the qr code feature as of now.
A bit such incident happened with me. I store my 2fa QR code image in my email and somehow it’s stolen by hacker even though at first i didn’t found any clue how it happened than i observed it’s leaked from my QR code. Thanks for your post to alerting in here.
For your safety , when making use of a cryptocurrency wallet, you don’t have to be sharing any information at all with people you don’t know. Everything that has to do with your cryptocurrency wallet should be secured, every single bit of information. Even the slightest information that you least expect can be used to track or hack your wallet and before you know it you have lost your assets that are stored in there.
So, when giving out information just make sure that you’re giving out the ones you’re meant to give out and not the ones you are not to. It’s just like people who drop their emails online thinking that there is no risk in doing that, that can be a risk because anyone can hack your email and look through it and be able to lay hands on information that are very important to you. So, let’s always be guided.
So, when giving out information just make sure that you’re giving out the ones you’re meant to give out and not the ones you are not to. It’s just like people who drop their emails online thinking that there is no risk in doing that, that can be a risk because anyone can hack your email and look through it and be able to lay hands on information that are very important to you. So, let’s always be guided.
I never thought that such troubles could arise because of the QR code of my wallet. I constantly use the METAMASK application and this information is very important to me. Thanks to the author.
If you are a type of gullible individuals here in crypto space, certainly, you are closed to become a victim by the scammer
for sure. That is why my rule is never talk to a stranger unless you know him anyhow. And never forget that Qr code,
seed phrase or private key is the most important matter here in cryptocurrency business industry
for sure. That is why my rule is never talk to a stranger unless you know him anyhow. And never forget that Qr code,
seed phrase or private key is the most important matter here in cryptocurrency business industry
There are many extremely sophisticated scams that make us fall into the trap at any time. Thanks for sharing these, it is very helpful for me and those around me.
Sharing personal wallet information is always been prohibited. So many scammer now and if you used to give your wallet info than you are saying goodbye to your funds on that wallet. We know that we used mostly trust wallet and metamask. They have a QR code features and agree of what you have said, QR code is dangerous than other password, recovery phrase and etc. This should be not shared at all and should be take care my the wallet owner at all times.
You have heard about never share your private key or recovery phrase but sharing qr codes is as dangerous.
It depends on what kind of QR codes. If it only contains your (public) address, I think it's safe. But there are private QR codes that you should keep it for yourself, such as, private keys and websites sync which is quite popular for login from phone apps, or vice versa. Binance, Okex, and other popular exchanges also use this method, so keep it (the qr code) secret.Anyway, thanks for mentioning this so that newbies won't fall to scams.
I also did not know about this metamask possibility.
But I always use a hardware wallet to work with metamask. The seed phrase is not stored on the computer, and any action requires pressing buttons on the hardware wallet.
The same algorithm applies to mobile phone owners.
People store hundreds of thousands of dollars in wallets and have no desire to spend $ 100 on security.
But I always use a hardware wallet to work with metamask. The seed phrase is not stored on the computer, and any action requires pressing buttons on the hardware wallet.
The same algorithm applies to mobile phone owners.
People store hundreds of thousands of dollars in wallets and have no desire to spend $ 100 on security.
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from strangers are bad.2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from anyone in which the sender asks for money is bad & suspicious. You must check that it is a real person you know or an impersonator
PMs from entire stranger who ask for money is most terrible.
I always do video calls in order to confirm that the person I will send money to is the person who sent me PMs.
It never came to 'sending money' in these scams, those are obvious.
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from strangers are bad.2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from anyone in which the sender asks for money is bad & suspicious. You must check that it is a real person you know or an impersonator
PMs from entire stranger who ask for money is most terrible.
I always do video calls in order to confirm that the person I will send money to is the person who sent me PMs.
It never came to 'sending money' in these scams, those are obvious.
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from strangers are bad.2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
PMs from anyone in which the sender asks for money is bad & suspicious. You must check that it is a real person you know or an impersonator
PMs from entire stranger who ask for money is most terrible.
I always do video calls in order to confirm that the person I will send money to is the person who sent me PMs.
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
Thanks for sharing this very important information and I am not even aware of such, although I have not tried it before. One of the things that comes with innovations is that, the more a technology grows, the more the users needs to be up to date with what's happening, else a small mistake might put the user at a great risk.
With the way crypto space is growing and the urge of scammers to get their victims in anyway they can, I would say it is quite better not sharing any sort of information apart wallet address with anyone nor even keeping such in your prominently used devices, offline is always the best. Also, it's better sharing only wallet address but anything short than that, just keep it to yourself, the reason for this is, I used to know you can scan QR code instead of sending address but with this new development, let someone not get mixed up, hence only wallet address is better to share.
Thank you for this additional knowledge.
I didn't know that it can possibly happen so for those that usually use mobile for their metamask, it's better to take note on this.
And as well as bookmark it.
I didn't know that it can possibly happen so for those that usually use mobile for their metamask, it's better to take note on this.
And as well as bookmark it.
Had to confess I don't know about this before, I don't know that QR code can take over a wallet permanently just like inserting a private key, thanks for sharing OP, if someone asked me for my wallet QR code I would have send it thinking it's nada
Scammers only take advantage of the victim's negligence to let them explore the device and take over anything before the victim realizes that they were being tricked at that time. This scam is likely to occur on exchange accounts that have a similar syncing method to other devices, I saw it in some exchange mobile apps and interestingly that doesn't require confirmation (2fa, email, etc.) as complicated as on the web version to withdraw funds.
Another similar case: https://mobile.twitter.com/_jeffnicholas_/status/1430323445057744897
You have heard about never share your private key or recovery phrase but sharing qr codes is as dangerous.
There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
QR code can be tactical and should be treated with caution.
I dropped a guide about QR code for any who wish to learn some days ago on [GUIDE] QR CODE: How they are implemented on Bitcoin, Alts and exchange wallet
Protect your finances.
Had to confess I don't know about this before, I don't know that QR code can take over a wallet permanently just like inserting a private key, thanks for sharing OP, if someone asked me for my wallet QR code I would have send it thinking it's nada
With extension from wallet, I only use it with a wallet for one purpose. I don't store all my money in that wallet because if wallets are closed source, I don't know what they built in the extensions.
QR code of 2FA is risky too. It is always easier to scan QR code to set up 2FA for your account but many people scan 2FA QR code and forget to back it up. You will have two options to set up your 2FA, type it, copy and paste, scan QR Code.
I copy and paste to back it up.
Type it manually to check the usability of my backup.
QR code of 2FA is risky too. It is always easier to scan QR code to set up 2FA for your account but many people scan 2FA QR code and forget to back it up. You will have two options to set up your 2FA, type it, copy and paste, scan QR Code.
I copy and paste to back it up.
Type it manually to check the usability of my backup.
I really want to know how the process of this crime, I mean technically.
Just read the following threaded tweets [8 parts] and you'll see the whole picture:- Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
How we should handle these criminals?.
Always double-check and verify who you're talking with [it's a simple step but unfortunately, a lot of people tend to forget or ignore it].@libert19
Thank you for posting this [bookmarked].
I knew of that feature when I was setting up my Metamask on my smartphone. I didn't realize that it has that kind of risk involved when connecting the two. I think this is vital information that everyone should've known and have an idea about.
I also recently saw how someone got hacked; even though he has been in the crypto space for a long time and knows its ins and outs, but he still got hacked. They somehow connected to the wrong site and input the seed phrase. He has been out of his mind doing that, and that's just what happens when you are not in your best condition.
https://www.coinspeaker.com/nft-game-loses-cryptopunk-scammers/
I also recently saw how someone got hacked; even though he has been in the crypto space for a long time and knows its ins and outs, but he still got hacked. They somehow connected to the wrong site and input the seed phrase. He has been out of his mind doing that, and that's just what happens when you are not in your best condition.
https://www.coinspeaker.com/nft-game-loses-cryptopunk-scammers/
Good one libert19 imagine a scammer talking to a crypto newbie, asking him or her to send her qrcode for unknown reasons stating that they don't need their private keys because that shouldn't be shared with strangers, I'm telling you this is doable for newbies
Oh wow, it's really a cruel and scary world. Thank you for sharing. However, if it's legit, I really want to know how the process of this crime, I mean technically. Criminals are getting smarter every day and we need to be a step ahead of them even though it's hard. I was always told to never spread my private key or phrase seeds to other people, but now people scamming by spreading the phrase seeds, This is insane, and now people got scammed by QR code. How we should handle these criminals?.
You have heard about never share your private key or recovery phrase but sharing qr codes is as dangerous.
There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
Other cases:
Edit: metamask has disabled the qr code feature as of now.
There is sync with mobile feature in metamask wallet which lets you sync your desktop metamask with mobile, problem is it gives complete access to the one scanning qr, which many are unaware of.
Victim: https://twitter.com/Ape_NFTs/status/1427706077332873220
Unfolding of events: https://twitter.com/MyCrypto/status/1427711396498731009
Other cases:
Another similar case: https://mobile.twitter.com/_jeffnicholas_/status/1430323445057744897
Holy shit, another! 250 eth: https://mobile.twitter.com/sohrobf/status/1430478533306982408
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
2) https://mobile.twitter.com/oneinaneillion/status/1429333073066295296
Always verify who you receive dms from, all these scams started from fake dms then proceeded to MM qr code.
Edit: metamask has disabled the qr code feature as of now.
Jump to: