How to Spot Fraudulent Wallet Verification Emails
NEWNow you can listen to News articles!
Recently, you may have received alarming emails like the following from “sharfharef” titled “Wallet Verification Required” which uses the MetaMask logo and branding.
These messages warn you to verify your wallet by following a link, but scammers use emails like this to steal your crypto information.
Sign up to receive my FREE CyberGuy report
Get my best tech tips, urgent security alerts, and exclusive offers delivered right to your inbox. Plus, you’ll get instant access to my Ultimate Guide to Surviving Scams, free when you join me CYBERGUY.COM information sheet.
FBI warns email users as holiday scams rise
Scam emails posing as MetaMask alerts trick users into revealing their crypto wallet details. (Photographer: Wei Leng Tay/Bloomberg via Getty Images)
What is MetaMask and why scammers love it?
MetaMask is a popular crypto wallet and browser extension that allows you to store tokens and connect to blockchain applications on networks like Ethereum. Because MetaMask is widely known and trusted, criminals impersonate it in phishing campaigns that ask users to “verify” their wallets and then collect recovery phrases or keys.
What makes this email a wallet verification scam?
The scam email copies images from MetaMask and even goes by a Zendesk address to appear more professional; however, the “Verify Wallet Ownership” button points to an unrelated domain that has nothing to do with MetaMask. That mismatch between brand and destination is a major red flag in cryptophishing attacks. It also relies on classic pressure tactics and vague corporate language. The body says:
Dear valued user,
As part of our ongoing commitment to account security, We require verification to confirm ownership of your wallet.
This essential security measure helps protect your assets and maintain the integrity of our platform.
Action required by: December 3, 2025
Your prompt attention to this verification will help ensure uninterrupted access to your account and maintain the highest level of security protection.
Phrases like “Dear Value User,” “essential security measure,” and “Action required by” are common in phishing emails that pretend to be MetaMask and threaten restrictions if you don’t comply. Genuine MetaMask support will direct you to metamask.io or official apps and will never ask you to reveal your recovery secret phrase via a link in an unsolicited email.
In this case, the message even claims to come from “МеtаМаsk.io (Support@МеtаМаsk.io)”.
Why mentioning Zendesk can be misleading
Zendesk is a legitimate customer support platform that many companies use to manage tickets and notifications. Scammers sometimes send fake alerts through such services or spoof similar addresses, making messages look like real support tickets, which can mislead users who associate the Zendesk brand with trust.
In this case, the presence of a Zendesk-style address does not make the message secure because the link still takes you away from the official MetaMask website and asks you to react with manufactured urgency.
NEW EMAIL SCAM USES HIDDEN CHARACTERS TO PASS FILTERS
Phishing messages urging MetaMask to “verify your wallet” direct victims to fake websites that steal recovery phrases. (Photo by Morteza Nikoubazl/NurPhoto via Getty Images)
Steps to stay safe from fraudulent wallet verification emails
Taking the right precautions can protect your digital wallet and personal data from scammers.
1) Don’t click on suspicious links and use powerful antivirus software
Avoid clicking buttons or links in unexpected wallet verification emails, even if they display the MetaMask logo. Instead, open your browser and type metamask.io yourself or use the official mobile app to check for real alerts. Also, install powerful antivirus software to detect malicious links, fake sites, or malware trying to capture your keystrokes.
The best way to protect yourself from malicious links that install malware and potentially access your private information is to have powerful antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Keep it updated so it can block new phishing infrastructure and known fraudulent domains.
Get my picks for the best antivirus protection winners of 2025 for your Windows, Mac, Android, and iOS devices at Cyberguy.com.
2) Only use official websites
Always confirm that the address bar shows the official MetaMask domain or genuine site of your wallet provider before logging in. If an email link sends you to a domain that looks strange, close it immediately.
3) Keep your credentials private
Never enter your recovery passphrase, password, or private keys on a site you accessed via email. MetaMask support will not ask for that information and anyone who obtains it can empty your wallet.
4) Enable two-factor authentication
Light two factor authentication (2FA) wherever your exchange or related accounts support it, as codes from an app or key add a barrier even if a password is leaked. Store backup codes securely offline, so criminals can’t access them.
REAL APPLE SUPPORT EMAILS USED IN NEW PHISHING SCAM
Criminals are spoofing Zendesk-style addresses to make fraudulent MetaMask support emails look legitimate. (Photo by Felix Zahn/Photothek via Getty Images)
5) Use a data removal service
Data removal services can help reduce personal data exposed on data broker sites that attackers use to target victims by name and email. Less exposed information makes it harder for phishers to create compelling wallet alerts tailored to you.
While no service can guarantee complete removal of your data from the Internet, a data deletion service is truly a smart choice. They are not cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to delete your personal data from the Internet. By limiting the information available, you reduce the risk of scammers cross-referencing leak data with information they can find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already available on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already available on the web: Cyberguy.com.
6) Flag suspicious emails
Flag any fake MetaMask messages as spam or phishing in your inbox so filters learn to block similar attacks. You can also report phishing attempts through MetaMask and your email provider to help protect other users.
CLICK HERE TO DOWNLOAD THE News APP
Kurt’s Key Takeaways
Emails like the one from “sharfharef” use MetaMask’s trusted name, polished design, and alarming language to prompt you to click before you think. When you slow down, check the sender, read the text, and confirm the website address, you strip scammers of their biggest advantage, which is panic.
What questions do you still have about protecting your digital accounts and crypto wallets that you want us to answer in a future article? Let us know by writing to us at Cyberguy.com.
Sign up to receive my FREE CyberGuy report
Get my best tech tips, urgent security alerts, and exclusive offers delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Guide to Surviving Scams, free when you join me CYBERGUY.COM information sheet.
Copyright 2025 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning technology journalist with a deep love for technology, gear and devices that improve lives with his contributions to News and News Business since mornings on “News & Friends.” Do you have any technical questions? Get Kurt’s free CyberGuy newsletter, share your voice, a story idea or comment on CyberGuy.com.