Jameson Lopp, co-founder of CasaHODL, recently raised concerns about a new phishing scam that is targeting users of the cryptocurrency exchange Gemini. The scam involves a fake data breach notice that is being used to deceive users into transferring their funds to malicious actors. This deceptive notice falsely claims that Gemini is teaming up with Trust Wallet to safeguard users’ funds following a security breach that compromised several multi-signature wallets on their storage servers.
The scammers behind this scheme are urging users to transfer their funds to a wallet controlled by a seed phrase they provide, misleadingly labeled as a “Unique Recovery Phrase.” They also falsely state that users have a week to secure their funds. Yu Xian, founder of SlowMist, highlighted the prevalence of phishing scams involving mnemonic phrases in the crypto space. These scams are often carried out at a low cost, using leaked data from the dark web, posing a persistent threat to the industry.
Experts warn that users who rely on third-party custody platforms are particularly vulnerable to these phishing attacks. Psifour, a developer for Taproot Wizard, suggested that spreading awareness about these scams could help protect newcomers from falling victim. He emphasized the importance of educating users, especially those who have only used custodial services in managing their coins.
Gemini has acknowledged the phishing attempt and advised users to stay vigilant. The rise of phishing scams in the crypto sector has resulted in significant losses for users. According to blockchain security firm Scam Sniffer, crypto phishing scams caused $63 million in losses for over 9,000 victims in August alone. Despite a decrease in the number of victims, there was a substantial increase in stolen funds, underlining the growing sophistication of these attacks.
The prevalence of phishing scams underscores the importance of implementing robust security measures and raising awareness among users in the crypto industry. As the tactics of scammers evolve, it is crucial for exchanges and users alike to stay informed and remain alert to potential threats. By staying informed and practicing caution, users can protect themselves from falling victim to these deceptive schemes.