Web3 security firm Scam Sniffer has uncovered a new phishing method targeting Phantom Wallet users. Scammers utilize fake pop-ups that mimic update requests to trick users into revealing sensitive information.
New Phishing Attack on Phantom Wallet Users
According to Scam Sniffer, the scam aims to drain user wallets by tricking them with bogus "update extension" requests. Once users comply, the scam escalates by requesting seed phrases, giving attackers full access to the wallet and its funds. Unlike previous phishing attempts mimicking Phantom's website, this method connects directly to legitimate Phantom wallets, making the scam more convincing.
How to Distinguish Fake from Real Pop-Ups
Scam Sniffer provides tips on how to identify fake pop-ups. Legitimate Phantom pop-ups behave like standard system windows that can be resized or minimized. Fake pop-ups remain within the browser tab. Moreover, right-clicking is disabled on phishing pop-ups, preventing users from inspecting URLs. Genuine Phantom pop-ups allow right-clicking and always contain the "chrome-extension://" prefix.
Other Issues Faced by Phantom Wallet Users
This phishing scam is not the only issue faced by Phantom Wallet users recently. A critical bug in a recent iOS update caused wallets to reset, locking users out and requiring them to re-enter recovery phrases. Although the bug was later fixed, the incident raised questions about the reliability of non-custodial wallets during unexpected disruptions.
Launched in 2021 as a Solana-based wallet, Phantom Wallet continues to expand support to other networks. Despite the risks, the company maintains investor confidence, securing significant funding in a recent investment round.
