Cybersecurity firm SlowMist has raised alarms regarding a sophisticated phishing scam aimed at users of MetaMask. This malicious scheme employs counterfeit two-factor authentication (2FA) prompts to deceive victims into revealing their wallet seed phrases.
Victims often receive fraudulent emails asserting that 2FA is now a necessity for securing their accounts. These emails, which prominently feature the MetaMask logo and alarming subject lines like “2FA – Protect Your Wallet,” direct users to illegitimate websites that closely resemble the official MetaMask interface.
Upon clicking the provided link, users find themselves on a fake MetaMask page that instills a false sense of urgency. This interface usually includes countdown timers and fabricated security warnings, pressuring users to act quickly to “verify” their accounts. The attackers then request the 12- or 24-word seed phrase under the guise of enabling 2FA.
Once victims unwittingly enter their seed phrases, the scammers gain immediate access to their wallets and can swiftly drain funds, often within seconds. Reports indicate that victims typically face losses ranging from $500 to $2,000 per incident, with stolen assets quickly transferred to wallets controlled by the fraudsters.
SlowMist”s investigation highlights that these phishing attempts are becoming increasingly prevalent as the cryptocurrency market gains momentum. Although phishing-related losses shrank in 2025, the firm warns that such schemes tend to resurge alongside heightened trading activity.
Notably, MetaMask has confirmed that there are no vulnerabilities within its platform; the threats arise purely from social engineering tactics employed by attackers. Users are reminded that MetaMask will never request seed phrases for any purpose.
In light of these developments, affected users are advised to disconnect from any suspicious sites and transfer their remaining assets to new wallets without delay. Ensuring the confidentiality of seed phrases is crucial, as they serve as the master key to users” wallets.
As the landscape of cryptocurrency continues to evolve, remaining vigilant against phishing attempts is essential for safeguarding assets.
