Hey everyone,
Just a quick heads-up: a new phishing campaign is circulating that targets MetaMask users with fake “security update” pop-ups or emails, urging them to download a browser extension or input their seed phrase to “verify” their wallet.
Please note:
MetaMask will never ask you to enter your seed phrase outside of your wallet interface.
You do not need to manually download any "update" — your extension updates automatically via Chrome or Firefox.
These scams are getting more sophisticated, mimicking real MetaMask branding and even redirecting users to URLs that look nearly identical to the official site.
If you’ve seen this type of scam or know someone who fell for it, please share your experience below. The more awareness we raise, the fewer people get hurt.
Thanks for the heads-up — this is super important, and sadly becoming way too common.
I actually had a friend fall for a very similar scam last month. They got an in-browser pop-up (looked exactly like the MetaMask UI) saying something like “security upgrade required — re-enter seed to avoid wallet suspension.” It even had the little fox logo and everything. Total replica. They entered their seed phrase and within minutes, their entire wallet was drained — NFTs, tokens, even some ETH they were holding for gas.
Just a reminder to everyone:
-
MetaMask will never suspend your wallet.
-
You will never be asked for your seed unless you initiate wallet recovery.
-
Always double-check the URL — official MetaMask site is https://metamask.io , and any variation of that (extra dashes, weird TLDs, etc.) is a red flag.
Also, if you’re helping onboard friends or family into crypto, make wallet security part of the onboarding process. It’s not just about “don’t click links” anymore — these scammers are getting slick with browser injections, fake ads, and even impersonating support staff in Telegram or Discord.
Appreciate you posting this — the more we talk about it, the more we can help people not learn the hard way. 🙏 Stay safe out there.
