Hackers target MetaMask users under the pretext of KYC compliance
According to Armorblox, hackers bypass Microsoft Office 365 and draft email attacks targeting multiple organizations across the financial industry.
As crypto exchanges and wallets make KYC mandatory for users, scammers are targeting crypto traders under the pretext of getting their wallets KYC compliant, new research by Armorblox reveals. MetaMask is one of the most widely used crypto wallets; it allows users to store digital assets, interact with the blockchain and host dApps.
Hackers bypass Microsoft Office 365 and draft email attacks targeting multiple organizations across the financial industry. The email sent out to users looks like an email from MetaMask wallet asking users to verify their account. When victims click the link, they are taken to a spoofed MetaMask verification page.
Upon clicking the "Verify your wallet" button within the email, the victim is redirected to a fake landing page, one that closely resembles a legitimate MetaMask verification page. The victim is prompted to enter a passphrase to comply with KYC regulations and to continue using the MetaMask service.
For better protection and coverage against email attacks, whether they're spear-phishing, business email compromise or credential phishing attacks like this one, organizations should augment built-in email security with layers that take a materially different approach to threat detection. Researchers at Armorblox said subjecting the email to an eye test includes inspecting the sender name, the sender email address, the language within the email, and logical inconsistencies within the mail.
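The eye test described above can be approximated in code. The following Python sketch is an added example, not Armorblox's detection logic: it compares the brand claimed in the display name with the actual sender domain and link destinations, and flags the wording cues this campaign used. The allow-listed domain, the cue list and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions: brand allow-list and wording cues chosen for this example.
BRAND_DOMAINS = {"metamask": {"metamask.io"}}
PRESSURE_TERMS = ("verify your wallet", "kyc", "passphrase")

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # record the real destination, not the link text
            self.hosts += [urlparse(v).hostname for k, v in attrs if k == "href" and v]

def in_domains(host, domains):
    # Exact match or true subdomain; "metamask.io.evil.example" does not pass.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def eye_test(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    body = msg.get_payload()
    low = (name + " " + body).lower()
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in low:
            continue  # message does not claim this brand
        if brand in name.lower() and not in_domains(sender_host, domains):
            findings.append(f"sender-mismatch:{sender_host}")
        links = LinkCollector()
        links.feed(body)
        findings += [f"link-mismatch:{h}" for h in links.hosts
                     if h and not in_domains(h, domains)]
    findings += [f"pressure-term:{t}" for t in PRESSURE_TERMS if t in low]
    return findings

# Constructed sample message (not taken from the campaign).
SAMPLE = """From: MetaMask Support <support@wallet-verify.example>
Subject: Verify your wallet
Content-Type: text/html

<p>To comply with KYC regulations, verify your account.</p>
<a href="https://metamask.verify.example/kyc">Verify your wallet</a>
"""
```

Calling `eye_test(SAMPLE)` returns one finding per mismatch or cue; an empty list means none of these checks fired, not that the message is safe.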
If you haven't already, implement these hygiene best practices to minimize the impact of credentials being exfiltrated: deploy multi-factor authentication on all possible business and personal accounts, and don't use the same password on multiple sites.