Crypto Scams, pt. 2
You can find a wallet to put your trust in, but can you be sure it’s the right app?
Metamask and Google seem to already have a history together. The most recent case is when Google removed the wallet extension from the Chrome store without any explanation. Although the ‘detention’ lasted just several hours, it was all over the internet. It is likely that Google was trying to remove the fake app that had managed to find its way to the store and was trying to imitate the original browser extension.
Earlier this month the imposter saga continued when cybersecurity company, ESET, found a malware that presented itself as MetaMask, but this time in Google Play. This phishing app, known as a “Clipper,” was created to steal users’ private info and private keys as well as to replace the wallet’s addresses that the user has copied with the scammer’s address so he will be the one to receive the funds. It’s worth mentioning, that Metamask currently has no mobile version whatsoever, but since that’s not common knowledge, anyone could fall for it.
And of course, this isn’t the first time scam apps have made it to the store. Last year Lukas Stefanko, a malware researcher, found as many as three fake crypto wallets on Google Play, immediately reported them, and they were quickly deleted. However, hundreds of users had already downloaded them.
Some malware apps are not so interested in stealing your digital assets, rather they aim to get access to your personal data on credit cards or other payment providers.
We are pretty sure that if you spend some time on Reddit or crypto related forums you’ll find quite a few unfortunate stories of people who have got caught up in similar scams. Even if you think that such a thing could never happen to you, it doesn’t hurt to be more cautious.
The Number One Rule
Each company has only one official account per product (well, there are some exceptions, you can follow as many accounts as you like, but please beware of the ones that want your money). Check the official website, make sure you type it in correctly, or save it to your favorites. The website normally also has links to download the software (or to the app store) as well as all the platform’s social media channels. So, for instance, if you’re not sure whether the company has released a mobile version of their product, you can always check their Twitter for updates. And if you’re still totally confused, join their official chat group and have a talk with the admin.
How to Avoid Scams
In order to stay safe, before downloading any app, make sure you always follow these procedures.
- Check if your mobile device needs updates and install new versions.
- Use a trusted anti-malware software and perform regular check-ups.
- Although Google Play and the official iOS App Store are not without flaws, they are your best options. Avoid alternatives.
- Check the original developer of the app in the Store.
- It’s always a good idea to check if the download link on the official website of the platform and the one in the mobile store match.
- As we’ve mentioned earlier, you cannot be cautious enough. Considering that crypto transactions are irreversible, it makes sense to be on guard. Check every step of your transaction, make sure the address you pasted matches with the one you’d copied earlier.
- If something seems suspicious, it usually is. Approach the developer or ask the team for help.
The Bottom Line
It’s always better to spend a few more minutes double-checking the details and making sure your devices are properly protected instead of losing all of your precious assets. Just make those security procedures a part of your routine and no scammer will be able to trick you.
Want To Talk About It?
The Lumi Wallet team is here for you. And by the way, these are our official Twitter, Facebook, and Reddit accounts!
