MetaMask, Phantom Wallet Users Targeted in Crypto Phishing Scam: Report

The scam campaigns, which imitated popular crypto wallet websites like Metamask, have resulted in losses of at least $500,000.

AccessTimeIconNov 4, 2021 at 1:27 p.m. UTC
Updated May 11, 2023 at 5:51 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Users of crypto wallets MetaMask and Phantom, as well as the crypto swap platform PancakeSwap, have been targeted in a crypto phishing scam involving at least half a million dollars being stolen, according to a Check Point Research (CPR) report.

  • CPR said that in the past few days there have been “multiple events” in which hundreds of crypto wallet users have had their funds stolen while trying to download and install well-known wallets like Metamask or change their currencies on crypto swap platforms such as PancakeSwap or Uniswap.
  • The scam campaigns used search engine advertisements to target crypto wallet users. They then employed fake URLs and websites to allow scammers to steal wallet passwords and access crypto funds held in wallets, said CPR.
  • The report gives an example of how an attacker uses a Google ad campaign to steal the user’s private key and access their MetaMask wallet by giving them a phrase that allows them to steal the funds upon transfer.
  • CPR advised crypto wallet users to “refrain from clicking on ads and only use direct, known URLs.”


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Tanzeel Akhtar

Tanzeel Akhtar is a reporter based in London,UK.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.

Read more about