My Metamask Got Phished Today, Don’t Be Like Me
I have always been among those people who will always think that they are too careful and too smart to make any mistake like clicking a phishing website, but unfortunately, today wasn’t just my day to be careful. I have always been careful, but this time around, I wasn’t careful enough. On a normal day before clicking on any site and connecting them to my metamask, I always like to know and verify the social media handle I am getting the link from. Especially to know if its a legitimate one.
I have been doing a lot of testiest and hunting airdrops, so I am kind of vigilant to know when the airdrop is live so I can claim my airdrop. This has made me more naive than I expected, last night I got a twitter notification that one of the testnet airdrop is live, which is the LayerZero testing. The twitter post said, click on the link below to know if you are eligible. I got excited because I did a layer zero testnet, so I decided to try and know if I am eligible. I clicked the link on my laptop and it refused to open, that would have been my first sign, but I was too excited and naive to pay attention. Then I clicked the link on my mobile phone and it went through, so I restarted my internet, but something fishy happened. The moment I clicked the link on my phone, a countdown appeared showing that I had 12 minutes more to claim my airdrop. By the time I was trying to get the internet ready for my PC to try it again, about 5 Minutes had gone. I was anxious and didnt want the countdown to hit zero.
The internet connection went through for the PC, and I clicked the link again and the countdown on my PC was at 15 Minutes left, this was fishy, why is my mobile phone countdown saying about 10 Minutes left and PC is saying 15 minutes. But I was too ignorant to do more research, so I clicked on Connect Wallet, a sign in permission metamask message popped up requesting for sign in permission, I was so ignorant and naive once again to look properly, so I ignored it and signed it giving it permission to execute the transaction. After executing the transaction, the site kept on connecting and buffering my wallet for minutes, I checked my metamask transaction history and it showed that transaction was complete, gas fee was about $0.5 but I was seeing an additional transaction which was about $5, mind you I had $6 in my metamask, this means that if I had more, I would have lost more.
So I decided to check the Etherscan explorer and I was surprised to see a phishing warning from Etherscan, I checked and the name of the address is named Fake_Phishing6102. At this point, I knew I had messed up, so I did some google research to know if this person has an automatic access to my account or its just that transaction. While scrolling through my metamask, I decided to disconnect the site from my wallet, that way the person can’t access my account according to:
It means that as long as I have disconnected the site from my wallet, this person can’t initiate any transaction. Well, thank God for that. To disconnect sites(dapps) from your metamask wallet, all you need to do is go to
Now you have disconnected the site from your wallet, I dont think the hacker can have access to your wallet anymore. If the hacker can, then just transfer all your funds off the wallet to a brand new fresh metamask wallet.
Posted Using LeoFinance Beta
Sorry man, that's awful.
Thanks a lot, we learn everyday
Posted Using LeoFinance Beta
https://twitter.com/1410339996624687104/status/1588612301845712896
The rewards earned on this comment will go directly to the people( @readthisplease ) sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
Sorry about this. I hope you can recoup asap
Posted Using LeoFinance Beta
Yeah I can, luckily I didn’t have huge amount inside
The amount taken made me relax, now you've gotten held now is to really be vigilante and attentive.
You really lucky here...
Posted Using LeoFinance Beta