Beware these phishing pop-ups that are appearing on big crypto websites

Patrick Devaney


With Bitcoin, cryptocurrencies, blockchain technology, and Web3 gaining more and more traction and widespread adoption every day, we are seeing increasing numbers of scams and cyberattacks targeting the crypto sector. We recently reported on NFT scams targeting a Pokémon-inspired project and another attack that was hiding malware in fake job offers sent to potential NFT artists. These are rife right now and a new scam has been spotted that is targeting MetaMask users.

MetaMask Download Now

Metamask is an extremely popular and easy to use cryptocurrency wallet that allows users to interact with blockchains and Web3 decentralized apps (dapps). Chances are, if you are into crypto you will have a Metamask and if you are just getting started, the first thing you’ll likely do is get yourself one. Metamask is available as a mobile app or as a browser plugin for web browsers like Chrome.

Beware these phishing pop-ups that are appearing on big crypto websites

This new phishing scam that is targeting MetaMask users has been popping up on some of the biggest and most used sites in crypto including Etherscan, CoinGecko and DexTools. The pop-up includes a Bored Apes logo and the common words “Connect with MetaMask”. The scammers hope the pop-up looks official enough for users to connect their wallets. Then if users connect their wallets to the scam pop-up, the scammers will empty them of all funds.

Again here, we have to stress that these new types of attacks are not searching for data, they are direct ways for scammers to steal funds from you immediately. As such, if you are using cryptocurrencies and holding them in wallets such as MetaMask, you have to be extremely careful whenever you connect your wallet to any third-party site. It is more important than ever to know how to spot a phishing scam.

Fortunately, the affected websites seem to have spotted this new scam quickly and acted upon it before it could cause too much damage. TechRadar reports that CoinGecko identified the source of the popup as Coinzilla, which is a crypto industry advertising network. It has since been removed from the website.

This latest scam just further reiterates the need for vigilance when online. If you are a Microsoft Windows user, you should check out our Best Windows Security Tips guide now to get ahead of the game.

You may also like