Crypto wallet MetaMask has announced that its users were victims of a 2FA security verification phishing scam, urging users to be vigilant. The fake email requested that MetaMask users update their 2FA security verification credentials by January 4, 2026, or else they would have limited access to key wallet features.
23pds, partner and CISO at blockchain security firm SlowMist, was among the first industry KOLs to issue this phishing notice on social media early on January 5. The security researcher also cautioned MetaMask users to remain vigilant when handling emails from the crypto wallet firm.
Scammers impersonating MetaMask security pages attempted to trick users into completing a two-factor authentication process, with the actual goal of stealing their mnemonic phrases. The scam process involved creating and sending out links to fake security alert pages, 2FA verification interfaces, and countdown prompts, ultimately requesting users to enter their wallets’ mnemonic phrases.
Meskauskas explains how to avoid MetaMask 2FA scam
Malware researcher and internet security professional Tomas Meskauskas released an article a little over a month ago explaining how to avoid the 2FA activation email phishing scam. The report urged MetaMask to always check and verify the sender’s email address, among other minor details. Specifically, users were warned not to blindly trust emails from companies that appear to be legitimate.
Read more: cryptopolitan.com
Source: CRYPTO WORLD NETWORK NEWS
