Cryptocurrency smokers focus on Phantom Wallet users via malignant pop-ups that look like real update searches.
According to web3 security firm ScamPhishing -crowders use a new tactic to dispose of Phantom portfolios by misleading users to sign fake -“update extension” requests. Once approved, the pop-up asks them to introduce their seed sentence, which, if provided, gives scammers full access to their funds.
SCAM Sniffer advised users not to announce their seeds and only to update extensions through the web store that is available in the Chrome -Browser.
Previously such pop -ups were limited To malignant websites that simulate the interface of Phantom. Now scammers connect to real Phantom portfolios, which makes their attacks still look convincing.
A way to recognize these fake pop-ups is to check how the window behaves. Real Phantom wallet Pop-ups work as system windows that can be minimized, maximized and changed. Fake -Nep, however, are stuck in the browser tab.
Another trick is to try to click the link with the right mouse button, because phishing pages usually switch off this function to prevent users from inspect URLs, while real phantom pop-ups will not limit it.
Users must also check the URL, because real Phantom extension pop-ups display a Chrome extension: // Prefix, which phishing websites cannot be fake.
Phantom users have recently confronted more than just phishing threats. A recent iOS update introduced a critical bug that reset portfolios and locked users, so that they had to re-introduce their recovery sentences. Although the problem was picked up later, some users who lost access to their money have expressed concern about the risks of unexpected disruptions in non-complaining portfolios.
Phantom was launched in 2021 as a wallet on Solana and has since been expanded to other chains such as Ethereum Layer 2 Base and Layer 1 Network Sui in recent months.
Last month the company collected $ 150 million in a series C -round, supported by venture capital giants, including Sequoia Capital, Paradigm and A16Z Crypto.
