The email details a supposed security breach that occurred during January 2019. Affected users are requested to sign in to their wallets using their private key or seed phrase and in doing so are handing over this highly sensitive information to the attackers.
In a Tweet from earlier today, the team behind the MyEtherWallet (MEW) Ethereum blockchain interfacing program alerted users to a phishing email that attempts to trick people into disclosing their private keys. The Tweet contains a screen shot of the email itself.
It states that MyEtherWallet fell victim to a DNS attack during January of this year. According to the fraudulent email, only MEW users accessing their wallets using either their private key or seed phrase were impacted by the attack.
Those users affected are requested to visit the website and download their Keystore file. They are then encouraged to reply to the email requesting further guidance on securing their wallets. The fraudulent correspondence concludes with the stark warning:
“If you do not update and secure your wallet, you are running the risk of losing your funds stored on your wallet.”
Attention #MEWfam, There's another phishy email going around asking users to give up personal information. Don't believe the hype! #1. We will never email you first (only reply to support). #2. We will never ask for your private key (or other sensitive info).#3. Be skeptical! pic.twitter.com/654TLIt5ar — MyEtherWallet.com (@myetherwallet) February 4, 2019
In the Tweet alerting users to the scam, MyEtherWallet offered advice to help people to avoid falling victim to phishing attacks when using the Ethereum blockchain interface. Users were reminded that MyEtherWallet will never email first – only in response to support requests – and they never ask for private keys or seed phrases. Finally, users are advised to always exercise caution when faced with requests for such sensitive information.
One Twitter user responded to the announcement, commenting on the underhand tactics used by those behind the phishing email scam:
Jesus that's dirty. — Arseniy ✌️ Ivanov (@freeatnet) February 4, 2019
The scam draws on previous MyEtherWallet security compromises to give it an air of legitimacy. A similar DNS attack to that detailed in the email occurred last year against the blockchain interface program. Many of those unlucky enough to fall victim to the security issue last April found that the Ether and other tokens stored using the MEW service were stolen by those behind the attack.
This is the second such phishing attack against a popular cryptocurrency service provider already this year. In the previous example, users of the peer-to-peer Bitcoin trading website LocalBitcoins were directed to a phishing website from the official forum where their login credentials were stolen. This caused the service to temporarily disable its compromised forum. However, many users had their wallets emptied before action could be taken. The precise figure of stolen funds is unknown but it is believed to be in excess of $28,000.
Related Reading: ShapeShift Phishing Site Advertisement Tops Google Search Results