Consumer Education Specialist, FTC
If you got an email that seems to be from MetaMask or PayPal, stop. They’re phishing scams. The MetaMask fake says your cryptocurrency wallet is blocked. And, if you don’t act fast, click a link, and update your wallet, they say your crypto will be lost. The phony PayPal message says BNC Billing cancelled your payment to Binance — and it gives you a phone number to reach PayPal…except that’s a scam, too. If you get one of the messages, delete it. But what then?
Most unexpected emails saying to act quickly, click a link, or call a number are phishing scams. They may look like they come from companies you know, but they’re from scammers who want you to think the message is real. That way, scammers think you’ll click into a fake website or call an actual scammer — all to solve a fake problem. If you click or call, the scammers will steal your financial or personal information, and that could lead to identity theft.
Here are examples of these fake phishing emails:
PayPal Binance Phishing Sample Email
MetaMask Phishing Sample Email
To spot and avoid a phishing scam:
Slow down. Ask yourself: Do I have an account with the company? Do I know whoever sent the email? If “no,” it’s a phishing attempt. If “yes,” still check it out. Contact the company using a number or website you know is real. And, if you own a cryptocurrency wallet and have a concern, contact the cryptocurrency exchange that holds your wallet.
Don’t click on any links. Links in unexpected texts or emails could lead to identity theft or let scammers install malware.
Update your security software. This will protect your phone and computer from security threats, which could expose your personal or financial information to scammers.
If you get a phishing email, forward it to the Anti-Phishing Working Group at firstname.lastname@example.org. Then tell the FTC at ReportFraud.ftc.gov.