It has recently come to our attention that a number of phishing applications are being distributed through official looking channels. One Reddit user recently reported that he was scammed out of $10,000 by installing a fake Ledger Live interface through the Snapcraft.io app store. The application asked for his seed phrase, which the trusting user entered, providing his private key to scammers.
Further investigation showed that there are actually multiple fake bitcoin/crypto wallet interfaces being distributed by Snapcraft, and that this is a common occurrence.
What is a phishing attack?
A phishing attack is when a scam organization will send you a link, through DM or email, to an official looking app or website. The app or website will look real enough as to not arouse suspicion, but request you enter sensitive information such as passwords and seed phrases, which are then used to steal your funds.
Other possible malware attacks
While stealing your seed phrase is most ideal for a scammer, it’s not the only potential form of attack. Installing malware on your computer can also allow for clipboard address-swapping, that will replace your intended target address with that of the scammers.
Fake wallet software may also replace your wallet addresses with those of the scammer within the interface itself.
How can you protect yourself?
-
Never follow links provided in emails. This is the most common phishing attack
-
If using linux, do not install snaps or flatpacks. Follow the instructions provided on the wallet’s official website
-
When signing transactions, verify the addresses on your device using the original source
-
And never, ever, enter your seed phrase into your computer, for any reason
Here at BitcoinVN, we are committed to your financial security, as your success is our success.
Stick with us for more security updates, tips, and news to make sure your bitcoin/crypto journey is a profitable one.
Contributed by BTCMachineElf.
