Technology

How to spot wallet verification scam emails

Published

1 month ago

December 9, 2025

How to spot wallet verification scam emails

NEWYou can now listen to Fox News articles!

Recently, you may have received alarming emails like the one below from “sharfharef” titled “Wallet Verification Required” that uses the MetaMask logo and branding.

These messages warn you to verify your wallet by following a link, but scammers use emails like this to steal your crypto information.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

FBI WARNS EMAIL USERS AS HOLIDAY SCAMS SURGE

Scam emails posing as MetaMask alerts are tricking users into revealing their crypto wallet details. (Photographer: Wei Leng Tay/Bloomberg via Getty Images)

What is MetaMask and why scammers love it

MetaMask is a popular crypto wallet and browser extension that lets you store tokens and connect to blockchain apps on networks such as Ethereum. Because MetaMask is widely known and trusted, criminals impersonate it in phishing campaigns that ask users to “verify” wallets and then harvest recovery phrases or keys.

What makes this email a wallet verification scam

The scam email copies MetaMask visuals and even routes through a Zendesk address to look more professional, yet the “Verify Wallet Ownership” button points to an unrelated domain that has nothing to do with MetaMask. That mismatch between branding and destination is a major red flag in crypto phishing attacks. It also relies on classic pressure tactics and vague corporate language. The body reads:

Dear Valued User,
As part of our ongoing commitment to account security, we require verification to confirm ownership of your wallet.
This essential security measure helps protect your assets and maintain the integrity of our platform.
Action Required By: December 03, 2025
Your prompt attention to this verification will help ensure uninterrupted access to your account and maintain the highest level of security protection.

Phrases like “Dear Valued User,” “essential security measure” and “Action Required By” are common in phishing emails that pretend to be MetaMask and threaten restrictions if you do not comply. Genuine MetaMask support will direct you to metamask.io or official apps and will never ask you to reveal your secret recovery phrase through a link in an unsolicited email.

In this case, the message even claims to come from “МеtаМаsk.io (Support@МеtаМаsk.io)” . That display name looks like MetaMask Support, but the real sending address is an unrelated Zendesk subdomain, which is a classic red flag. MetaMask explains that legitimate support messages only come from specific official addresses, so anything else should be treated as a scam and ignored.

Why mention Zendesk can be misleading

Zendesk is a legitimate customer support platform that many companies use to manage tickets and notifications. Scammers sometimes route fake alerts through such services or spoof similar addresses, so messages look like real support tickets, which can fool users who associate Zendesk branding with trust.

In this case, the presence of a Zendesk-style address does not make the message safe because the link still leads away from MetaMask’s official website and asks you to react to manufactured urgency.

NEW EMAIL SCAM USES HIDDEN CHARACTERS TO SLIP PAST FILTERS

Phishing messages urging MetaMask “wallet verification” direct victims to fake websites that steal recovery phrases. (Photo by Morteza Nikoubazl/NurPhoto via Getty Images)

Steps to stay safe from wallet verification scam emails

Taking the right precautions can protect your digital wallet and personal data from scammers.

1) Do not click suspicious links and use strong antivirus software

Avoid clicking buttons or links in unexpected wallet verification emails, even if they show the MetaMask logo. Instead, open your browser and type metamask.io yourself or use the official mobile app to check for any real alerts. Also, install strong antivirus software to detect malicious links, fake sites or malware that tries to capture your keystrokes.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Keep it updated so it can block new phishing infrastructure and known scam domains.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

2) Use official websites only

Always confirm that the address bar shows MetaMask’s official domain or your wallet provider’s genuine site before you sign in. If an email link sends you to a domain that looks odd, close it immediately.

3) Keep your credentials private

Never enter your secret recovery phrase, password or private keys on a site you reached by email. MetaMask support will not ask for that information, and anyone who gets it can empty your wallet.

4) Enable two-factor authentication

Turn on two-factor authentication (2FA) wherever your exchange or related accounts support it, since codes from an app or key add a barrier even if a password leaks. Store backup codes safely offline, so criminals cannot reach them.

REAL APPLE SUPPORT EMAILS USED IN NEW PHISHING SCAM

Criminals are spoofing Zendesk-style addresses to make fraudulent MetaMask support emails appear legitimate. (Photo by Felix Zahn/Photothek via Getty Images)

5) Use a data removal service

Data removal services can help reduce exposed personal details from data broker sites that attackers use to target victims by name and email. Less exposed information makes it harder for phishers to craft convincing wallet alerts tailored to you.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

6) Mark suspicious emails

Mark any fake MetaMask messages as spam or phishing in your inbox so filters learn to block similar attacks. You can also report phishing attempts through MetaMask and your email provider to help protect other users.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Emails like the one from “sharfharef” use MetaMask’s trusted name, polished design and alarming language to push you into clicking before you think. When you slow down, check the sender, read the wording and confirm the website address, you strip scammers of their biggest advantage, which is panic.

What questions do you still have about protecting your digital accounts and crypto wallets that you want us to answer in a future article? Let us know by writing to us at Cyberguy.com.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Related Topics:cybercrime email Featured Privacy

Click to comment

Technology

A second US Sphere could come to Maryland

Published

3 hours ago

January 19, 2026

Press Room

A second US Sphere could come to Maryland

The second US sphere would be built in an area known as National Harbor in Prince George’s County, Maryland. Located along the Potomac River, National Harbor currently features a convention center, multiple hotels, restaurants, and shops. While Abu Dhabi plans to build a sphere as large as the one in Las Vegas, the National Harbor venue would be one of the first mini-Sphere venues announced last March.

Its capacity would be limited to 6,000 seats instead of over 17,000. But the smaller Sphere would still be hard to miss with an exterior LED exosphere for showcasing the “artistic and branded content” that helped make the original sphere a unique part of the Las Vegas skyline.

The inside of the mini-Sphere will feature a high-resolution 16,000 by 16,000 pixel wrap-around screen, the company’s immersive sound technology, haptic seating, and “4D environmental effects.” For the AI-enhanced version of The Wizard of Oz currently playing in Las Vegas, audiences experience effects like wind, fog, smells, and apples falling from the ceiling.

The mini-Sphere will potentially also be cheaper to build than the $2.3 billion original, but its construction is contingent on the “receipt of certain governmental incentives and approvals from Prince George’s County and the State of Maryland.” Sphere Entertainment says the project “would utilize a combination of public and private funding, including approximately $200 million in state, local, and private incentives,” but would potentially generate millions of dollars in revenue for the country and state while supporting over 4,700 jobs once it opens.

Technology

Apple warns millions of iPhones are exposed to attack

Published

4 hours ago

January 19, 2026

Press Room

Apple warns millions of iPhones are exposed to attack

NEWYou can now listen to Fox News articles!

The Apple iPhone is the most popular smartphone in the United States and one of the most widely used devices in the world. An estimated 1.6 billion people rely on iPhones every day. That massive user base also makes the platform a prime target.

Over the past few weeks, Apple has been sending out warnings about a serious security flaw. New data suggests the risk could affect roughly half of all iPhone users.

That puts hundreds of millions of devices in potential danger right now.

WHATSAPP WEB MALWARE SPREADS BANKING TROJAN AUTOMATICALLY

Apple is warning iPhone users about a serious Safari security flaw that could leave hundreds of millions of devices vulnerable if updates are delayed. (Thomas Trutschel/Photothek via Getty Images)

What Apple discovered in Safari and WebKit

Late last month, Apple confirmed two critical vulnerabilities in WebKit. WebKit powers Safari and every browser that runs on iOS. According to Apple, the flaws were used in an extremely sophisticated attack that targeted specific individuals. The problem allowed malicious websites to trick iPhones and iPads into running harmful code. Once that happens, attackers could gain control of the device, steal passwords or access payment information. In simple terms, visiting the wrong website could have been enough.

Why millions of iPhones are still exposed

Apple moved quickly to release a fix. The patch is included in the latest software update. The problem is that many people have not installed it yet. Estimates suggest that about 50 percent of eligible users have not upgraded from iOS 18 to iOS 26. That would leave around 800 million devices vulnerable worldwide. Data from StatCounter paints an even worse picture. It estimates that only 20 percent of users have updated so far. Once security details become public, the risk grows fast. Attackers know exactly what to exploit.

iPhone and iPad models at the highest risk

Apple says the following devices are affected if they are not updated:

iPhone 11 and later
iPad Pro 12.9-inch 3rd generation and later
iPad Pro 11-inch 1st generation and later
iPad Air 3rd generation and later
iPad 8th generation and later
iPad mini 5th generation and later

If your device appears on this list and you have not updated it, it is vulnerable.

INSTAGRAM PASSWORD RESET SURGE: PROTECT YOUR ACCOUNT

New data suggests nearly half of all iPhone users worldwide may still be exposed to a critical WebKit exploit Apple says was actively used in attacks. (Jakub Porzycki/NurPhoto via Getty Images)

Why upgrading is the only real protection

There is no setting to flip and no safe browsing habit that fixes this issue. The vulnerability lives deep inside the browser engine. Security experts say there is no workaround or user behavior that meaningfully reduces the risk. Installing the latest software is the only effective defense. Apple is no longer offering a security-only update for users who want to stay on iOS 18. Unless your device cannot run iOS 26, the fix is only available through iOS 26.2 and iPadOS 26.2.

Steps to update your iPhone or iPad now

Updating is quick and usually painless. If automatic updates are enabled, the fix may already be installed.

If not, follow these steps:

Open the Settings app on iPhone
Tap General
Select Software Update
Download and install iOS 26.2 or iPadOS 26.2 or later

Make sure your device is connected to Wi-Fi and has enough battery life or is plugged in.

Pro tip: Use strong antivirus software

Keeping your iPhone updated is critical, but it should not be your only line of defense. Strong antivirus software adds another layer of protection by scanning malicious links, blocking risky websites and alerting you to suspicious activity before damage is done.

This matters even more when attacks rely on compromised websites or hidden browser exploits. Security software can help catch threats that slip through and give you extra visibility into what is happening on your device.

Think of it as backup protection. Software updates close known holes, while strong antivirus tools help guard against the next one.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

FAKE ERROR POPUPS ARE SPREADING MALWARE FAST

Apple says malicious websites could exploit a Safari flaw to steal passwords or payment information from unpatched iPhones and iPads. (David Paul Morris/Bloomberg via Getty Images)

Kurt’s key takeaways

Apple rarely uses language like “extremely sophisticated” unless the threat is serious. This flaw shows how even trusted browsers can become attack paths when updates are delayed. Waiting weeks or months to update now carries real consequences. If you use your iPhone for banking, shopping or work, this update should be treated as urgent.

How long do you usually wait before installing major iPhone updates, and is that delay worth the risk anymore? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Technology

You need to listen to the cosmic horror-comedy podcast Welcome to Night Vale

Published

16 hours ago

January 19, 2026

Press Room

It’s relatively rare for a podcast to last 14 years, especially a fiction one. In fact, as far as I can tell, Welcome to Night Vale is the longest continually running fiction podcast out there. (Some will argue it’s actually We’re Alive, but that has taken a few significant breaks between seasons.) The story of Night Vale, the titular desert town, now spans 12 seasons, over 280 episodes, three books, and at least 10 live standalone shows. While dedicating several hundred hours of your life to listening to every episode might seem like a big ask, I believe you’ll be hooked once you dive in.

The show is written by Joseph Fink and Jeffrey Cranor, who draw heavily on the work of H.P. Lovecraft. Every season has its own arc, but broadly, the show tells the story of a town that exists in an alternate version of Earth. In this town Angels are real, but acknowledging their existence is illegal; librarians are dangerous creatures with “thousands of spiny legs” and “pincers”; and there is a Faceless Old Woman who secretly lives in your home.

These are clearly unsettling concepts when taken at face value. But rather than trying to scare the listener, Cranor and Fink lean into the natural absurdity of cosmic horror and refuse to take themselves too seriously. They also routinely subvert the bigotry of their inspiration, using Lovecraftian creations to tell stories rich with LGBTQ+ characters.

Of course, having well-written scripts and telling a compelling story is only part of the equation. What elevates Welcome to Night Vale to true greatness is the cast, especially narrator Cecil Baldwin, who plays the host of the central radio show, Cecil Palmer. Cecil’s voice has the gravitas to tell ominous stories of secretive government agencies and ancient gods. But he has the range to deliver light-hearted banter with a sentient patch of haze (her name is Deb, in case you were wondering).

Cecil Baldwin has the charisma to make even the reading of a repair manual for a toaster compelling. He can be creepy, funny, or soothing, often all within the same episode. (For this reason, I don’t suggest listening to Night Vale at night. I have fallen asleep to the dulcet sounds of Baldwin’s voice several times, only for the more unsettling parts of the show to make their way into my dreams.)

Every episode also features a musical interlude in the guise of “The Weather.” The show mostly features lesser-known artists, but alumni include Jason Isbell, The Mountain Goats, Waxahatchee, Angel Olsen, Open Mike Eagle, and Sylvan Esso.

Welcome to Night Vale is also a great way to introduce younger listeners to horror. I would never suggest my eight-year-old read H.P. Lovecraft. Partly because the man’s unrepentant racism is baked into the very fabric of his stories, but also because the violence is often too much for children. Night Vale, on the other hand, takes those horrors and exposes them for what they are: entertainment. I can put the podcast on, bond with my kid over their burgeoning love of all things creepy and weird, and trust that they’ll walk away with a good message.

Welcome to Night Vale is available on most podcast platforms, including Apple Podcasts, Pocketcasts, YouTube, and Spotify.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.