- A phishing scam targets users of the Imtoken wallet via search engines.
- The scam uses Google Docs to commit fraud, prompting cybersecurity firm SlowMist.
- Previously, a phishing scam was targeted at the MetaMask wallet.
The crypto community has been put on high alert following phishing websites masquerading as the popular Imtoken wallet. Collin Wu, a well-known Chinese reporter, revealed that the top ad for Imtoken on Chinese Google search is, in fact, a phishing website that uses Google Docs to commit fraud.
Wu highlighted that many fake wallets are flooding search engines and forming an industrial chain, posing a threat to unsuspecting users. As a result, users are urged to be extra careful when accessing and using crypto wallets.
The top advertisement of Imtoken in Chinese Google search is a phishing website, using Google doc for fraud. A large number of fake wallets are flooding search engines and forming an industrial chain, users must be careful. https://t.co/y8bJapgOAD pic.twitter.com/J0uuoqMxnF— Wu Blockchain (@WuBlockchain) April 21, 2023
In response, cybersecurity firm SlowMist expressed shock that such a scam could occur and has warned users to exercise caution. According to a SlowMist researcher, the phishing attack is a new type that uses Google Docs to deceive users. The company plans to reveal a fake wallet risk pathway in the coming days.
At the time of writing, Imtoken has not yet released an official statement on the matter.
Notably, the situation highlights the importance of vigilance when accessing crypto wallets and exchanges, as phishing attacks are becoming increasingly common in crypto.
In February, the world’s leading Web3 wallet, MetaMask, cautioned the crypto community about an exploit where hackers send unauthorized emails to its users. The scammers asked users to fill out a know-your-customer (KYC) form and confirm their secret recovery phrase in a fraudulent attempt to “keep users’ fund safe.”
MetaMask does not collect KYC info and will never email you about your account!Do not enter your Secret Recovery Phrase on a website EVER.If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!https://t.co/EP0HGZFOfo pic.twitter.com/4CDtne24OK— MetaMask (@MetaMask) February 13, 2023
According to a report, the source of the unauthorized emails was the popular domain registrar NameCheap after a Sunday breach, causing a flood of phishing emails that attempted to steal recipients’ personal information and crypto wallets.
The post The Top Ad for Imtoken on Chinese Google Search Is A Scam Site: Report appeared first on Coin Edition.