MetaMask has warned that Apple users are at risk of phishing attacks

By Selena 04/19/22 11:39 AM

MetaMask has issued a warning to iPhone, Mac, and iPad device users about the phishing strategy after one user reported a loss of $650,000. The particular threat concerns devices with automatic backups to iCloud, which is usually the default setting.

MetaMask issues warnings to iCloud users After $650K phishing attack

Some users save their seed phrases on iCloud and are at risk of being compromised if an attacker discovers their password.

“If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds,” reads the warning from MetaMask.

The alert also comes with tips on how users can protect themselves from the threat. The easiest method is for users to disable iCloud backups by navigating to settings and making the necessary changes on the backup menu.

To avoid surprises, MetaMask recommends turning off backups. A Twitter user with the handle “revive_dom” announced that his entire holdings had been stolen, including expensive NFTs and other assets. His losses amounted to around $650,000, according to security expert “Serpent.” The hacker accessed his seed phrase from iCloud.

Reveal_dom received a text message asking him to change his Apple ID password according to the chronicle of events. A follow-up call from Apple’s fake caller ID asked for a one-time verification code to prove ownership of his account. He followed suit, and the scammers used the code to reset his password.

“The scammer will have access to the victim’s iCloud account, giving them free access to everything, including all the data MetaMask stores on iCloud,” wrote Serpent. He went on to advise the use of cold wallets and to never give out verification codes. “Caller information is easy to spoof. Companies like Apple will never call you.”

Read more:

Join us on Telegram