SlowMist warns of a new phishing attack on MetaMask users using fake emails and 2FA requirements

14.01.2026

SlowMist experts warn MetaMask users about a new wave of phishing attacks aimed at stealing personal data and cryptocurrency assets. Scammers send fake emails that look like official MetaMask notifications. In these emails, the attackers require two-factor authentication (2FA) to supposedly secure an account.The emails contain a link to a phishing site where the user is asked to enter their cid phrases - the unique secret words needed to access the wallet. SlowMist notes that such attacks are becoming more and more sophisticated: attackers use MetaMask's corporate style and persuasive texts to increase user trust.According to SlowMist, the number of such attempts has increased by 35% in recent weeks alone. Experts remind that MetaMask never requests a passphrase or 2FA via email and advise to ignore any suspicious messages. Users are advised to carefully check the sender's address, do not click on questionable links and use official communication channels to verify information.SlowMist also advises to regularly update wallet software and use hardware solutions to store large sums. Following these measures will help reduce the risk of losing money and protect your digital assets.