Phishing Scam Targets Users of Phantom Wallet
Phishing scammers are targeting users of the Solana-based crypto wallet Phantom. Attackers use fake pop-ups, which appear as legitimate update requests, to trick users into approving malicious actions aimed at stealing private keys and subsequently draining funds from the wallets of their victims.
Scam Sniffer Warns of Fake Update Requests
On Feb. 6, Web3 scam detection platform Scam Sniffer warned users that hackers were actively connecting to real Phantom wallets. In order to steal their funds, scammers try to get a signature from victims for a fake “update extension”. After the request is granted, victims are asked to input their seed phrase. By entering this, hackers receive unlimited access to the wallet, thus allowing them to drain all funds.
Pop-Ups Impersonating Phantom’s Interface
In late January, Scam Sniffer also warned that malicious websites had shown up displaying fake Phantom wallet pop-ups. These pop-ups closely resemble the official Phantom interface, which asks users to enter their seed phrase under the pretext of confirming a connection request.
How to Recognize a Fake Phantom Pop-Up
In an attempt to help users determine which pop-ups are real and which are fake, Scam Sniffer did provide the following tips:
- Right-clicking the link: The right-click option is disabled on phishing pages, but it’s enabled in actual Phantom pop-ups.
- Checking the URL: The link of a real Phantom pop-up contains “chrome-extension”, which phishing websites can’t fake.
- Window behavior: Genuine Phantom pop-ups act like system windows, which users can minimize, maximize, and resize, while fake ones are confined within the browser tab.
Phantom Wallet’s Rising Popularity and Security Concerns
Phantom wallet usage has grown hand-in-hand with the growing popularity of Solana memecoins. The revenue generated by Phantom in the last 24 hours through fees was around $470,000, ahead of Coinbase Wallet, according to DefiLlama. Its daily revenue hit an all-time high of $3.6 million on Jan. 19.
Phantom Expands Features and Funding
In 2024, Phantom says it has more than 10 million MAUs and more than 850 million total transactions. Support for multi-currency launched on Feb. 6 across 16 different denominations.
On Jan. 17, Phantom raised $150 million in a Series C funding round led by Sequoia Capital and Paradigm that values the crypto wallet at $3 billion, placing it among the most valuable providers of crypto wallets.
No Token Airdrop Despite Speculation
Despite rampant speculation, Phantom has denied plans to launch a token airdrop. Rumors had suggested the airdrop would accompany the platform’s soon-to-be-released social discovery feature. Users should remain cautious about potential scams exploiting this speculation to steal credentials.
Stay Vigilant Against Phishing Attacks
To protect their funds, Phantom wallet users should remain vigilant against unexpected pop-ups requesting sensitive information. Always verify update requests, avoid entering private keys on suspicious websites, and follow best security practices. Staying informed is crucial in preventing crypto phishing scams.
