How Secure Are Your Crypto Wallets? The Latest Scam Affecting Users

FinanceFeeds Editorial Team

The principles of the blockchain according to the Satoshi standard, are privacy and security. Users making transactions over the blockchain by simply furnishing the recipient with a wallet URL certainly bring privacy to the user, who no longer needs to send his personal and financial data to third parties for storing on their servers

Servers for cybercriminals are like walking through a door, with one single point of entry to get to the treasure. However’ the blockchain’s nature is one of decentralization, with all of the data and transactions being stored across thousands of computers globally. For a hacker, this means walking through thousands of doors and piecing together the information, which for him is neither time consuming nor worth the computing power and energy. 

For the user this also means not having to jump through hoops in order to make a transaction, it completely cuts out the rigmarole of KYC protocols, which can take time and are very frustrating. However, in this life, where cybercriminals can smell the amount of value being held and transacted in this arena, it is like playing cat and mouse. They are scrambling to build new technologies and scraping methods to catch up with the complexities of blockchain encryption.

Stealing passcodes over Twitter

And now cybercriminals have found a way to steal passwords to crypto wallets. They do this by following tweets that contain crypto keywords and they respond to these tweets with malicious links. The criminals scan for keywords like the names of specific wallets, and once they see this they respond by faking the role of support agents and send the poster links to malicious sites, which then allows them to gain access to wallets and to all the holdings inside. The cybercriminals are doing this by using Twitter’s own APIs, which Twitter uses for monitoring all tweets.

One company set up a fake test to see how this works. They filled a post with loads of crypto catchwords and waited to see what would come next. Keywords included “help”, “support”, “MetaMask”,TrustWallet” and “Crypto Wallet”.They did not have long to wait though, as just seconds later, it had received a bunch of replies to their tweet from Twitter Bots claiming to be MetaMask and TrustWallet support staff. 

From here the perpetrators had built Google Docs and other forms, which required the user to post their private details in order to get help, details like their email address and the issues they were facing with their accounts, as well as the wallet’s recovery phrase, a collection of 12 or more seed phrases, that only the wallet holder knows.

Once the criminal had managed to get these details, they could simply login to the wallet, and clear out the user’s account of tokens and coins by sending them to their own wallet. No chance of recompense for the user.

This is a very clever scam, and the advice to users is to never ever share your seed phrases with antony, they are only for you. While wallets are very simple to set up, they are also not the safest way to store funds.

One company has come up with a fool proof way to protect your holdings at all costs, using biometric identification. Avarta is a 4-in-1 solution for both DeFi and the blockchain which makes the users face the only key to accessing a variety of blockchains.

As well as a biometrically-secured, multichain blockchain wallet, it also offers an anti-bot mechanism for public DEX listing, a multi-signature wallet for corporations and legacy planning and multi-chain, decentralized identity management with the risk-based scoring mechanism. 

What is clear is that as the criminals become ever more sophisticated so too must be the protection methods built to support this industry. Avarta is one example of the products that are being developed to help users feel safe and protect their accounts.

Read this next

Digital Assets

Ledger taps MoonPay for instant crypto purchase and token swaps

Crypto hardware wallets provider Ledger and digital payment processor MoonPay announced on Monday new features and products to sweeten their service offerings.

Retail FX

CySEC delists Leverate from investor compensation fund

The Cyprus Securities and Exchange Commission (CySEC) announced that Leverate, a provider of brokerage solutions for the financial services industry, has been excluded from its investor compensation fund today.


Top Crypto Investment: BlockDAG Outpaces Bitcoin Price and Cardano ADA Upgrades, Securing $19.3M in Revolutionary Presale

After plummeting below the crucial $70,000 mark amidst geopolitical tensions, the Bitcoin price is signalling a recovery as it climbs past $63,000. Concurrently, Cardano ADA upgrades, particularly the much-anticipated Chang Hardfork.

Fundamental Analysis, Tech and Fundamental

Global FX Market Summary: Middle East, US economic data, Eurozone data April 22 ,2024

US Dollar strengthens as easing Middle East tensions and strong economic data boost investor confidence, while dovish central banks and weak data weigh on the Euro.

Digital Assets

Thailand moves to block crypto websites to combat online crime

Thai authorities announced that they will block access to unauthorized cryptocurrency platforms. The decision was made after a meeting of the Technology Crime Prevention and Suppression Committee.

Tech and Fundamental, Technical Analysis

GBPUSD Technical Analysis Report 22 April, 2024

GBPUSD currency pair can be expected to fall further toward the next support level 1.2200, previous strong support from November.


TT now enables users to create synthetic multi-leg instruments

“TT Splicer combines the ease and flexibility of TT’s market-leading Autospreader with the power of our best-in-class execution algos to uniquely minimize slippage and optimize trade execution when trading synthetic multi-leg spreads.”


Imandra launches FIX Wizard: AI assistant for FIX connectivity suite

“LLMs hold tremendous promise, but ultimately cannot be trusted in regulated environments. By combining their strengths with scalable, rigorous automated reasoning, we obtain a kind of magic: conversational interfaces with correct reasoning and domain-specific skills.”


Sui Overflow Hackathon Funding Pool Balloons to $1,000,000 as New Sponsors Join

Alibaba Cloud, AngelHack and dWallet are among the latest supporters for the global event.