Phishers are targeting MetaMask users in growingly inventive methods.

Cyber Security company CipherTrace put out an alert after noticing a jump in news over the last 24 hours of user funds stolen by a Chrome browser extension acting as a regular MetaMask cryptocurrency wallet.

The notification stated that the firm saw a jump of signals and comments in the web crypto community that customers’ funds were stolen.

As an answer to online criticism that MetaMask isn’t undertaking the efforts to keep users safe from possibly dangerous web pages and downloads, CPO Jacob Cantele of MetaMask said on Twitter that at the moment they are alerting in several locations in the product, maintaining a phishing detector that alerts about tens of thousands of malicious websites, undertaking constant security marketing campaigns, and having legal tools to try and delete such websites.


Links to fake MetaMask sites are unintentionally reposted by crypto ventures and are recorded to appear often as Google Ads on the top of the 1st result in Google searches for the word “metamask.”

After visiting a phishing site that appears as the real MetaMask website or after you download a malicious browser extension, users need to put in their twelve-word password to link to their wallet. The password is then captured by the phisher, and the wallet loses the money on it.

MetaMask claims that the safest method for not getting scammed is downloading the app just from the official website, or from the Google Chrome shop. Always avoid visiting such links on other web pages.

For those who got the extension before, MetaMask will show a bright red alert when a user tries to access a web page that has been identified before as a phishing website.

If you are a MetaMask uncertain whether a web page has been identified as malicious are advised to visit CryptoScamDB and put in a web page URL or IP address where it is cross-referred to a database of reported scam and phishing web pages.

In October, MetaMask revealed that it reached and went over the number of 1M active users on a month-to-month basis, primarily due to the rapid decentralized financing trend during summer and autumn. Growing Ether costs and a broad user base indicate that this form of phishing attack are not going away soon.