How Do Scammers Steal Crypto Wallets Using the Seed Phrases?

Recently, cases of data leakage from holders of cryptocurrency wallets have become more frequent.

Recently, we wrote about one such case in this article.

Today, we will tell you about the increasingly popular bench with the seed phrase of the MetaMask crypto wallet.

What is MetaMask?

MetaMask is a wallet for the Ethereum cryptocurrency that supports all types of tokens based on it (both ordinary and unique tokens — that is, NFTs.) 

Read more about the NFT phenomenon here.

The wallet is suitable for use in Firefox, Brave, and Google Chrome browsers, as well as in the form of applications for such operating systems as iOS and Android. So, MetaMask provides secure purchase, creation, and monetization of content in a decentralized network.

What is MetaMask

The security of all assets is ensured by a password that the user creates at the registration stage. In addition, the application itself generates a private key consisting of 64 letters and numbers, and a secret phrase or a “seed phrase” consisting of 12 to 24 semantic words.

It is not safe to spread about a password or a private key. But for some reason there is a different view about seed phrases and a good deal of neglect of secrecy — even though, in fact, the seed phrase is a verbal display of the private key, which allows you to make a backup of the wallet and restore access to the account. 

Thus, if someone knows the seed phrase, they will be able to log into the wallet without any problems and dispose of the cryptocurrency at their discretion. It is such an oversight by the user that the scammers are counting on.

Did you hear about Crypton? The most promising privacy coin of our time. Read more here.

Part 1: A threatening letter

After the fraudster has noticed users, a mass mailing of letters begins, which is based on one of the scammers’ favorite psychological techniques — intimidation. Victims are threatened that if they do not pass verification urgently, their MetaMask account will be blocked and all assets will be lost.

To make the message look convincing, criminals add a logo and company name to it. Then, as the sender’s name, they specify the support service. At a glance, there is no way to distinguish whether this is a real company or a fake one. However, an attentive user will look at the address and see that something is wrong with it.

-What’s wrong with the name?

The first sign of a fake is an error in the company name specified in the email address (i.e., “metamasks” instead of “metamask”). Another reason to be wary is the domain name; that is, the part of the address after the “@” symbol. Serious organizations usually use their name as a domain, for example, In the case of a fake, the domain has nothing to do with the crypto wallet at all. Finally, “.de” indicates that the address is registered in Germany, which is also strange because MetaMask is an American company.

MetaMask scam email

Then, to verify the account, you need to click on the links from the letter. The link is also suspicious. For example, there may be extra words, incorrectly spelled phrases, or names. Such points may indicate that this is a fake or just a scam.

If you are searching for the most secure and private crypto exchange, look into Crypton Exchange and be under reliable protection.

Part 2: Enter a seed

If the user ignores all signs of deception and follows the links, then a fake authorization page is waiting for them, which is visually completely identical to the real MetaMask site.

MetaMask scam main page

After going to the website, the scammers request that you enter a seed phrase to unlock the wallet and prevent the threat. If the user believes in what is happening and enters the secret phrase into the form, then they will be redirected to a real site, and their MetaMask wallet and all its contents will meanwhile end up in the hands of criminals.

How to protect your wallet

The sphere of internet deception is constantly developing, and criminals are coming up with more and more complex ways to deceive both ordinary online users and crypto investors. Nevertheless, most schemes have common signs by which they can be easily recognized and prevented. Therefore, it is worth following a few simple safety rules:

  • Be careful about letters and messages in which you are threatened with the loss of money and accounts, or vice versa — they offer easy earnings to scammers.
  • Pay attention to the address of the message sender. If the company name is misspelled, or you see a random set of characters instead, then most likely they want to scam you.
  • Pay attention to the data that allows you to access your account and money. Find out how the crypto wallet protection system works — what information the support service may require from you, and what information cannot be shared with anyone.
  • Use a reliable solution with protection against online fraud and phishing, which will help you save your nerves and money.

Listen to the best crypto podcasts to stay in touch with up-to-date technologies.


Leave a Reply

Leave a comment

Your email address will not be published.