Protecting your Metamask wallet from Apple iCloud hacking
Guide from Metamask
https://twitter.com/MetaMask/status/1515727239391809536
"If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds.
You can disable iCloud backups for MetaMask specifically by turning off the toggle here:
Settings > Profile > iCloud > Manage Storage > Backups.
If you want to avoid iCloud surprising you with unrequested backups in the future, you can turn off this feature at:
Settings > Apple ID/iCloud > iCloud > iCloud Backup"
Topic: New metamask wallet scam (Read 231 times)
should be more careful now more and more scams like that usually they target newbies, even I have seen in my local community group there are some who report about cases like this, what we can do is tell newbies to be aware of scams like this
I can't really imagining myself falling prey for such cheap scam knowing too well it doesn't required any KYC for any operations. Most be sincerely speaking new comers might fall-in prey.
If it's from the real metamask wallet notification i will do the verification, but if not and i see it's from other source, i will ignore it because surely it's a phishing link or a fraud that wants to by pass our wallet using their copy paste strategy..
And obviously its not legit because I've been using metamask for how so long now and i don't have any such notifications for verification.
Thanks to you Op that you shared it here on the forum so that everyone will be aware also.
If you interact with any Defi project, then you need to give permission to the project to use your tokens. This is standard procedure. Bridges do not usually ask for such permissions, but exchangers, defi farming and similar projects need such permissions. Check your approvals from the links above. The most reliable way to store tokens on a wallet that you do not connect to projects. And obviously its not legit because I've been using metamask for how so long now and i don't have any such notifications for verification.
Thanks to you Op that you shared it here on the forum so that everyone will be aware also.
https://twitter.com/MetaMask/status/1508906886610911233?s=20&t=Rm6oIm-IJdZqzT7u74nyJQ
"⚠️ PSA: There’s a new scam making the rounds - fake "mining" sites that ask you to join a "node.”
The site will attempt to connect to your wallet and get you to approve unlimited access to your tokens.
Nothing can be done about it, Metamask (or a web browser) can't whitelist URLs. Users must know what they must know, things like "don't have critical and unnecessary stuff open in a web browser at the same time, browser extensions can read everything in the browser even while not visibly active at the moment, and metamask is a piece of software that doesn't know my email". (And if it knows my IP or my other Eth addresses then this is my own fault.)
It's a cheap scam to be honest but some newbies will still fall for such, I used to get different types of mail from fake block chain dot com website and also crypto.com fake mail too but I'm the type that never bothers about mails that I'm not expecting.
If it's from the real metamask wallet notification i will do the verification, but if not and i see it's from other source, i will ignore it because surely it's a phishing link or a fraud that wants to by pass our wallet using their copy paste strategy..
And obviously its not legit because I've been using metamask for how so long now and i don't have any such notifications for verification.
Thanks to you Op that you shared it here on the forum so that everyone will be aware also.
And obviously its not legit because I've been using metamask for how so long now and i don't have any such notifications for verification.
Thanks to you Op that you shared it here on the forum so that everyone will be aware also.
New scam
https://twitter.com/MetaMask/status/1508906886610911233?s=20&t=Rm6oIm-IJdZqzT7u74nyJQ
"⚠️ PSA: There’s a new scam making the rounds - fake "mining" sites that ask you to join a "node.”
The site will attempt to connect to your wallet and get you to approve unlimited access to your tokens.
So far, they seem to be targeting mobile users & their $USDT."
Approval check
https://tac.dappstar.io/#/
https://approved.zone/
https://0xtracker.app/rev0x
https://twitter.com/MetaMask/status/1508906886610911233?s=20&t=Rm6oIm-IJdZqzT7u74nyJQ
"⚠️ PSA: There’s a new scam making the rounds - fake "mining" sites that ask you to join a "node.”
The site will attempt to connect to your wallet and get you to approve unlimited access to your tokens.
So far, they seem to be targeting mobile users & their $USDT."
Approval check
https://tac.dappstar.io/#/
https://approved.zone/
https://0xtracker.app/rev0x
I don't really think a learned user from this platform will forever fall in this trap, i guess we all know that it does not required a mail to get started. Maybe they could get those mails from spreadsheets where they submitted application. 🤣
Guess what? Its only those who are greed and desperate to make gain will definitely fall into this mess.
Guess what? Its only those who are greed and desperate to make gain will definitely fall into this mess.
There's no way metamask would know our email addresses as they are non custodial wallet. It doesn’t require us an email address when we create wallet with them. Therefore, it's pretty easy to understand that it's a trick to rip off the noobs; & they are falling into the trap.
I have seen this earlier in twitter tonight. Someone was saying something like metamask will go public LOL & some other noobs were asking questions based on that. It's quite surprising that they never do their own analysis before falling into the trap.
I have seen this earlier in twitter tonight. Someone was saying something like metamask will go public LOL & some other noobs were asking questions based on that. It's quite surprising that they never do their own analysis before falling into the trap.
This kind of scam is designed for absolute beginners in the crypto industry. Apart from the fact that MetaMassk has nothing to do with e-mails, you should also take into account that it is a self-custody wallet. KYC cannot be used in such wallets by definition. It would be as silly as if someone suggested to pass KYC to verify Electrum
. Apparently scammers are really running out of clever schemes to cheat users and they started using such trivial and contradictory things for scam. 
I guess the swindler was just taking advantage of the situation. The fact that has happened lately is that Metamask is experiencing transaction disruptions due to problems with their technical partners. While this incident will not bother users globally, for noobs it will trigger their own skepticism so that if they are careless they will follow the instructions of this fake emails.
Fraudsters always take advantage of the current situation and try to deceive other users. In any popular fashion area, they come first. The best way to protect yourself is not to rush to follow various recommendations, but to ask for advice in any crypto community.That's right, we really have to know which recommendations are right because every suggestion given must be filtered, it would be better if we could gather with a community that always gives advice or is warned if there are any discrepancies.
Wow, I've got one of those emails too but I didn't paid attention, as I don't really use MetaMask at all, just for site registrations. Too many complications with them lately, stolen funds, hacks etc. only bad things I hear about them.
I dont see any complications yet creating a wallet on Metamask is just easy as breeze as long you do able to make those seed phrase in safe place then this would be a good wallet to have compared into those non-custodial ones it is just that common that these kind of scenarios of hacking and phishing is not something new into this market and there would be no exemptions on this one.We've seen tons of this one in the past and not surprising that there would be always coming something new thats why you should really be aware on what are the things happening around.
The same old techniques again and again? Holy shit when people are going stop falling for such scams. 
Also I read something about the decentralization of Metamask they are actually restricting people from certain countries, is this true?
Really too bad that there are still people that are falling for this scam. They've forgotten that there's no need for an email to sign up for a metamask wallet.Also I read something about the decentralization of Metamask they are actually restricting people from certain countries, is this true?
This is also the same for other wallets and exchanges, they're sending the same message of restriction and they're requiring their victims to sign in to their made-up link.
The same old techniques again and again? Holy shit when people are going stop falling for such scams.
Also I read something about the decentralization of Metamask they are actually restricting people from certain countries, is this true?
Also I read something about the decentralization of Metamask they are actually restricting people from certain countries, is this true?
Wow, I've got one of those emails too but I didn't paid attention, as I don't really use MetaMask at all, just for site registrations. Too many complications with them lately, stolen funds, hacks etc. only bad things I hear about them.
Anyone knows how hackers can use this information? Because it seems pretty much useless.
Pictures of KYC documents are pretty much worthless, you can buy a full set of them for about 1$ or you can even order a professionally photoshopped ID picture for a small payment. Maybe they are going to send you a phishing link later after you pass "KYC", but neither private data nor email is enough to get funds out of non-custodial service.
Another question is to find where did they get the email database, but it seems like spammers might just took the first leaked database that relates to crypto
Pictures of KYC documents are pretty much worthless, you can buy a full set of them for about 1$ or you can even order a professionally photoshopped ID picture for a small payment. Maybe they are going to send you a phishing link later after you pass "KYC", but neither private data nor email is enough to get funds out of non-custodial service.
Another question is to find where did they get the email database, but it seems like spammers might just took the first leaked database that relates to crypto
There's no way metamask would know our email addresses as they are non custodial wallet. It doesn’t require us an email address when we create wallet with them. Therefore, it's pretty easy to understand that it's a trick to rip off the noobs; & they are falling into the trap.
I have seen this earlier in twitter tonight. Someone was saying something like metamask will go public LOL & some other noobs were asking questions based on that. It's quite surprising that they never do their own analysis before falling into the trap.
If you are really that dumb then you would easily fall into these simple traps but if you do just make use your own common sense and awareness then you do easily spot it out that this was a scam attempt.I have seen this earlier in twitter tonight. Someone was saying something like metamask will go public LOL & some other noobs were asking questions based on that. It's quite surprising that they never do their own analysis before falling into the trap.
It is true that they havent asked out for some email address on the time you had created your wallet which if you do make use of your own common sense then you wouldnt really be having problems.
Scams are everywhere and you should really make yourself be aware most of the times or be vigilant.
legendary
Activity: 2828
Merit: 1213
Call your grandparents and tell them you love them
A simple check on the email headers shows that they are throwaway email addresses from where the email is being sent and therefore proves the assumption that it is a scammer attempting a fraud by a scare tactic.
But there will be a lot of people falling for this one, since most people dont understand how ethereum works and how metamask works.
I still see threads claiming that bitcoin is a company and that they can return them the money they lost if they send them private keys.
These basic things should be understood by every crypto user or they are risking their hard earned money.
But there will be a lot of people falling for this one, since most people dont understand how ethereum works and how metamask works.
I still see threads claiming that bitcoin is a company and that they can return them the money they lost if they send them private keys.
These basic things should be understood by every crypto user or they are risking their hard earned money.
I guess the swindler was just taking advantage of the situation. The fact that has happened lately is that Metamask is experiencing transaction disruptions due to problems with their technical partners. While this incident will not bother users globally, for noobs it will trigger their own skepticism so that if they are careless they will follow the instructions of this fake emails.
Fraudsters always take advantage of the current situation and try to deceive other users. In any popular fashion area, they come first. The best way to protect yourself is not to rush to follow various recommendations, but to ask for advice in any crypto community.One must take care of themselves even if they seek help from the community, they will get bombarded by those scammers who pretend to help. I believe looking at the current situation, the warning not to share the recovery seed phrase is not enough. I'm sure there should be a better way to convey about the security as a whole in a compact way to all of their users.
I guess the swindler was just taking advantage of the situation. The fact that has happened lately is that Metamask is experiencing transaction disruptions due to problems with their technical partners. While this incident will not bother users globally, for noobs it will trigger their own skepticism so that if they are careless they will follow the instructions of this fake emails.
Fraudsters always take advantage of the current situation and try to deceive other users. In any popular fashion area, they come first. The best way to protect yourself is not to rush to follow various recommendations, but to ask for advice in any crypto community. Jump to: