Phishing attacks on Twitter attempt to steal cryptocurrency funds from Trust Wallet and MetaMask wallet users. MetaMask and Trust Wallet are popular mobile wallets in which users can store, buy, send, and receive cryptocurrency.
When users want to create a new wallet on MetaMask or Trust Wallet, the app prompts them to save an auto-generated recovery phrase consisting of 12 words. This recovery phrase is necessary for creating keys and accessing the wallet.
BleepingComputer reported a new Twitter phishing scam targeting Trust Wallet and MetaMask users in which scammers pose as support representatives and ask users to provide this recovery phrase. This allows the criminals to steal cryptocurrency from the victim’s wallet.
Scammers look for MetaMask or Trust Wallet users tweeting about a problem they are having with their wallets. They then reply to these tweets pretending to be the apps’ support and ask the users to visit the provided docs.google.com or forms.app links to fill out a support form. Victims then see a page that looks like a support form for Trust Wallet or MetaMask. In these forms, the unsuspecting victim provides their email address, name, and the wallet’s recovery phrase.
Once the threat actors get the recovery phrase, they can import the victim’s wallet on their own devices and steal all the cryptocurrency funds.
One MetaMask user, BleepingComputer reports, lost over $30,000 worth of cryptocurrency in a similar scam.
We remind you that you should never share your wallet’s recovery phrase with anyone, enter it in any app or website, or give it to any support representative. The recovery phrase is only used in one scenario: to import your wallet on a new device. In addition, only seek support on the websites associated with the application or device you need help with, and not on social media.
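The reply pattern described in this article (a reply in a wallet-problem thread that links to a docs.google.com or forms.app form) can be flagged mechanically by a moderation or brand-monitoring team. This is an added example, not code from the original article; the function names, the support keyword list, the `official_handles` parameter and the sample thread are assumptions constructed for illustration.

```python
import re

# Form-hosting domains named in the report above.
FORM_HOSTS = ("docs.google.com", "forms.app")
WALLETS = re.compile(r"\b(metamask|trust\s?wallet)\b", re.I)
# Assumption: typical support-impersonation wording; tune for your own data.
SUPPORT_CLAIM = re.compile(r"\b(support|help\s?desk|customer care|agent|ticket)\b", re.I)
# Hostname with an optional scheme, so "forms.app/x" without https:// is caught.
URL_HOST = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


def form_hosts_in(text):
    """Return linked hosts that are, or are subdomains of, a listed form host."""
    hits = []
    for match in URL_HOST.finditer(text):
        host = match.group(1).lower()
        if any(host == h or host.endswith("." + h) for h in FORM_HOSTS):
            hits.append(host)
    return hits


def triage_reply(parent_text, reply_author, reply_text, official_handles=frozenset()):
    """Return the reasons a reply matches the lure pattern, or [] if it does not."""
    if reply_author.lower() in official_handles:  # hypothetical allowlist
        return []
    hosts = form_hosts_in(reply_text)
    in_wallet_thread = bool(WALLETS.search(parent_text) or WALLETS.search(reply_text))
    if not hosts or not in_wallet_thread:
        return []
    reasons = ["wallet-thread", "form-link:" + hosts[0]]
    if SUPPORT_CLAIM.search(reply_text):
        reasons.append("support-claim")
    return reasons


# Constructed sample thread (not real tweets or accounts).
PARENT = "My MetaMask balance shows zero after the update, anyone else?"
REPLIES = [
    ("helper_4821", "Sorry about that. Contact the support team here: docs.google.com/forms/d/e/EXAMPLE"),
    ("wallet_care_01", "Open a ticket with an agent at https://my.forms.app/EXAMPLE/help"),
    ("random_user", "Same here, restarting the app fixed it for me."),
    ("doc_fan", "Unrelated, but see docs.google.com.example.net/page"),
]

if __name__ == "__main__":
    for author, text in REPLIES:
        print(author, triage_reply(PARENT, author, text))
```

The host comparison is exact-or-subdomain, so a lookalike such as `docs.google.com.example.net` is not mistaken for the form host; it would need its own rule.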