Security firm warns users against fraudulent wallet verification flows amid ongoing crypto phishing threats
Crypto investors are being targeted by a new phishing campaign impersonating MetaMask, aiming to steal wallet recovery phrases through fake two-factor authentication (2FA) prompts. The scam redirects users to fraudulent domains under the guise of urgent security checks, requesting their 12-word seed phrases.
How the Scam Works
Attackers create fake 2FA verification flows, sending phishing emails that claim wallet features will be restricted unless the user completes a security setup. Users are then prompted to provide their seed phrases, which allow scammers to access and drain wallets. Security experts emphasize that legitimate wallet providers never ask for secret recovery phrases.
Despite this campaign, phishing losses fell sharply in 2025. According to Web3 security data, losses from crypto phishing declined 83% year-over-year, from $494 million in 2024 to $83.3 million in 2025, while the number of victims decreased 68%, from 332,000 to 106,000. However, losses peaked during the market’s most active periods, highlighting that phishing attacks remain closely tied to user activity.

As the world’s leading self-custodial wallet, MetaMask, with over 100 million annual users, remains a prime target. Analysts say that phishing scams thrive by impersonating trusted platforms, underlining the importance of vigilance and never sharing seed phrases. Investors are advised to verify all wallet prompts independently and treat unsolicited security requests as potential scams.

