Topic: Non-custodial wallet would never request for your personal information (Read 133 times)

How did metamask users received a mail when metamask is only a wallet extension on chrome without mail, to me the mail was randomly sent to many mail addresses to both the ones without metamask installed too, and those who got no knowledge falls victim of this.

This is how this scam tricks works
The so called message in the mailbox contained a link with a cloned metamask login page where it's showing to input your seed phrase after clicking verify.

The spam link is then connected to a control panel where whatever you input as your seed phrase will reflect on the cpanel. The hackers will then use whatever private information you type to import out your wallet and access your funds.

It's best to always to always look out the correct URL when accessing a site, if not, similar case will still occur in the future.

The phishing aspect is really important and I think most people are ignorant of this, they get manipulated and tricked to entrying their passwords, seedphrase and likes online... The connection of wallet is really alarming these days , these are easy way people could get exploited.
At the same yime. the is another call to start making all your noncustodial information as cold as possible, let's say you get tricked or hacked at least you would be safe if you made use of the cold storage format, it's gonna get worsen NMW as technology advances each time and the only way to stay ahead this criminals is to block every loop hole they might want to use to utilise u.e you have to think ahead of them

That's exactly the case of how many people got their emails taken, so many people for the internet just dey input and try every link or platform wey dey promise dem small small profit wey most of the time sef dey result to scam at the end but human nature and free things or should I say bonus na 5& 6 and na where plenty people dey get these messages when their email don dey already used by the setter of these platforms.

Make we dey understand wetin we dey use before we begin dey use am, if you no understand wetin non constodial wallet be (or as I dey call am, self constodial) then no use am until you know what you are doing to dey avoid some kind stupid mistakes them.

Non constodial mean say na you dey incharge so anything else wey get to do with verification done make am e no follow for non constodial again therefore you aren't meant to do any verification or anything so as our brother talk na so. If you see such messages, ignore them and block the sender immediately.

Try ask yourself too say how this scammers carry get my email them. Na because you dey participate for everything wey you dey see online, abi una never know say most of this projects, sell or share out our information to third party?.

Either you minimize wetin you dey sign-up for online or get a separate email just for airdrop, giveaways and bounty hunting.

I no dey use Metamask, but the non-custodial wallets i use has no email requirement, so you cannot even receive an email from them, i am talking about wallets like electrum and bluewallet too, it should only be exchange accounts and custodial platforms that require your email address and other information before you can open an account.

That being said, i dey happy say the Nigerian community don dey very updated about scammers modus operandi, e no go dey good say scammer steal from any one of us. Thus e make sense to keep your assets for offline devices, so even if you make mistake, the scammer no go fit steal anything substantial from you.

Thanks for sharing this very important information, e go de helpful for many newbies wey never get experience say crypto space na hub for scammers and hackers. Person suppose to research and verify any information wey dem get for internet. E get some information and messages wey person go receive and im no need to bother to verify am because na from scammers. As you talk, none custodial wallets no fit to ask you for personal information, so if anybody receive email wey talk anything related to KYC or show you link to click, you need to totally ignore di message.

Even banks wey hold your KYC sef no go fit to call you to demand for any personal information or send you otp and say make you call the number, all dat na di handiwork of scammers. I de always advice newbies dem say internet especially social media na open space, anybody fit to impersonate anybody or companies to scam people. Always make sure say you download apps from the right sources because of phishing sites and make you no click wetin you no understand because e fit to be from scammers.

The crypto ecosystem isn't a scam free space, every user ought to be smart and updated.Cybercriminals are always coming up with new strategies that looks too good to be called scam.There are many scams in the crypto space,but on this thread I'll ponder on [PHISHING ATTACK].
Over the years phishing attacks in the crypto space happens to be one of the most common cybercrime.Chainalysis has always been giving reports on estimated amount of victims that have lost their coins through phishing scam.Phishing attack is a very tricky scam that appears like it's coming from legitimate source,so it could be confusing to most user.The intention of a phisher is to steal a victim's financial information/credentials.

[PHISHING ATTACK]
Phishing attack is a trick that triggers victims to reveal their financial information/credentials.Victims won't be triggered if the information isn't sensitive, sensitive information like YOUR WALLET WILL SOON BE SUSPENDED IF YOU DON'T VERIFY YOUR ACCOUNT,and the verification involves submitting of one's personal information.When a victim receive such sensitive information he/she becomes scared and hasty to submit their financial information or download an attachment without looking out if the link,URL and website is fake.
In the crypto space, victims are tricked to reveal their financial information like password,private keys and seed phrase etc.And once these information are revealed to a scammer,the user's account is then compromised.Crypto wallets are always a target to phishing attack.

The truth is Non-custodial wallets would never ask you to provide your KYC information because they are KYC free and they are not crypto exchanges.When you receive a mail from your non-custodial wallet it's best you ignore it or don't complete your KYC information to any website claiming to be legit because non-custodial wallet doesn't hold any information about their customers, information like Email address, phone number etc.Phishing messages are always sent to a victim's Email or SMS,but for the fact that your email address and phone number wasn't linked to your non-custodial wallet you don't have to be worried.If you receive any message about verifying or updating your non-custodial wallet,just like I said messages like that should be deleted, ignored or archived,and if you feel like confirming the message you can best visit your non-custodial wallet official site.
Last year Friday March 10,2023, MetaMask users received a mail from a phishing site and many folks were scammed.This is how the mail looks like;


The source where I got the image.