Trust Wallet Scam seeks to extract sensitive information from victimsMalicious link in the email leads to different phishing sitesThreat SummaryHow online crypto scams are promoted and how to avoid falling victim to them?Remove malware from your computer
Trust Wallet scam sites are promoted via phishing emails. Scammers design these emails to make them look like they were sent by the actual Trust Wallet. The discovered samples had deceptive subject lines, such as:
Your wallet will be suspended!Our system has shown that your Trust Wallet has not yet been verified;Updates!!!;Verify your account;We have an urgent message regarding your assets.
Although the email message text differs depending on the phishing campaign used, they all deliver the same message to the victim. The scammers usually claim that the Trust Wallet’s system identified the user hasn’t verified the wallet which can lead to the account suspension. The phisher asks to verify the wallet via provided link.
Malicious link in the email leads to different phishing sites
One of the analysed phishing websites related to Trust Wallet Crypto Scam claim users can earn Shiba Coins (SHIB) for free. These sites ask the user to complete a form to start earning coins for free. The form asks how long the user has been a member of Trust Wallet and then asks to fill in Trust Wallet’s Recovery Phrase. Lastly, there is a button stating “Earn Now” which does nothing else but sends the private data the user entered to fraudsters. Another reported email scam campaign leads the user to a phishing website that’s designed to impersonate the official Trust Wallet website. The phishing site showcases a 10-second countdown to allegedly “open a secure Internet environment.” This is nothing else but a deceptive act to gain user’s trust in the website’s security and reputation. Once the countdown is complete, the site triggers a redirect to a deceptive site asking to enter the recovery phrase for the wallet. Some of other observed phishing sites had slightly different designs but they all were made with the same purpose – to collect user’s recovery phrase (also known as the seed-phrase) which allows the hackers to take control over the victim’s wallet. Victims should also remember that such phishing sites tend to have short-lifespan as scammers tend to use them for a period of time and then create new deceptive domains that are used in scam campaigns. On top of that, such sites might trigger redirects to other malicious websites once the required information is provided by the user. This way, the user might end up on other scam sites or download malicious files to the computer without realising the consequences. For this reason, anyone who has fallen victim to the Trust Wallet Scam are advised to scan their computers for malware.
Threat Summary
REPAIR VIRUS DAMAGE See some examples of the phishing sites pushing Trust Wallet Crypto Scam. These sites always ask for user’s Recovery Phrases. See the first example below. Second example: In this last example, scammers promise a SHIBA INU (SHIB) gift for the user and also require the user’s seed phrase.
How online crypto scams are promoted and how to avoid falling victim to them?
Online crypto scams are on the rise, so users should be extremely vigilant. The most common techniques used to promote these scams involve social media or email spam campaigns and potentially unwanted programs (PUPs). To promote deceptive online sites impersonating official websites of cryptocurrency exchange platforms, the cybercriminals take advantage of email spam by distributing thousands of messages to potential targets. Some of the things that users should look out for are overly-general greeting line, such as “Dear customer/user/client” and grammar or typo errors in the email or the linked website. Additionally, users should inspect the sender’s email. For example, the official Trust Wallet website is trustwallet.com, meanwhile, the scammers use a scam domain trustwallet.net, as well as create email addresses on this domain. Scammers also tend to use long domain names, such as hxxp://trustwallet.com.erc20-tokens-gift.com, hxxp://trust-shibawallet.web.app or trustcryptowallet.net that are a little easier to spot and identify as deceptive. Another common trick used by scammers to promote crypto scams is creating fake social media profiles and pushing deceptive posts to users. Usually, these posts include too-good-to-be-true claims, such as giveaway of cryptocurrencies or other freebies. These fake claims may appear in a form of posts or even ads on social media platforms and various websites. They will contain a link to a site where the user can allegedly “claim the reward.” However, the site will demand some sensitive information in exchange for the “gift” which simply does not exist and will not be issued by the scammers. Again, users should remember that legitimate crypto services do not ask to reveal your private keys or password. Users might also run into phishing or malicious sites in case they have potentially unwanted programs (PUPs) or malware installed on their computers. These programs tend to trigger pop-up ads or redirects during user’s browsing sessions. Other potentially unwanted programs associated with crypto scams are known as clipboard hijackers and are developed to identify whenever the user accesses a cryptocurrency exchange platform and replace user’s clipboard data with cybercriminals’ wallet address so that the user would transfer funds to a wrong wallet address.
Remove malware from your computer
If you suspect that interactions with phishing emails or websites could result in a computer infection, or if you suspect that your computer was previously infected with an adware serving you malicious ads, we strongly recommend that you scan your computer with trustworthy antivirus. For Mac users, we recommend INTEGO, while Windows users can try RESTORO (download link) to identify unwanted software and repair virus damage to Windows OS files. OUR GEEKS RECOMMEND Our team recommends a two-step rescue plan to remove ransomware and other remaining malware from your computer, plus repair caused virus damage to the system: GeeksAdvice.com editors select recommended products based on their effectiveness. We may earn a commission from affiliate links, at no additional cost to you. Learn more. Get INTEGO ANTIVIRUS for Windows to remove ransomware, Trojans, adware and other spyware and malware variants and protect your PC and network drives 24/7. This VB100-certified security software uses state-of-art technology to provide protection against ransomware, Zero-Day attacks and advanced threats, Intego Web Shield blocks dangerous websites, phishing attacks, malicious downloads and installation of potentially unwanted programs. Use INTEGO Antivirus to remove detected threats from your computer. Read full review here. RESTORO provides a free scan that helps to identify hardware, security and stability issues and presents a comprehensive report which can help you to locate and fix detected issues manually. It is a great PC repair software to use after you remove malware with professional antivirus. The full version of software will fix detected issues and repair virus damage caused to your Windows OS files automatically. RESTORO uses AVIRA scanning engine to detect existing spyware and malware. If any are found, the software will eliminate them. Read full review here. To remove the unwanted program from your computer, use these instructions below to uninstall associated programs or apps from your Windows or Mac computer. Then scroll down for instructions how to clean each affected web browser individually.
Remove malware from Windows
Windows 10/8.1/8 users Click on the Windows logo to open Windows menu. In search, type control panel and select the matching result. Then go to Programs and Features. Windows 7 users First, open Windows menu by clicking on the icon in the lower left corner of the screen. Then go to Control Panel and find section called Programs. Click on the Uninstall a program option under it. Windows XP users In Windows XP, click Start > Control Panel > Add or Remove Programs. Uninstall unwanted programs Once in Programs and Features, look through the list of installed programs. You can click on Installed on tab to sort the programs by their installation date. Right-click on suspicious programs you can’t remember installing and choose Uninstall. Follow instructions provided by the Uninstall Wizard, click Next and finally Finish to uninstall the unwanted program from your PC.
Remove malware from Google Chrome Remove suspicious Chrome extensions Change Start Page settings Change default search settings Remove push notifications from Chrome If you want to get rid of the annoying ads and so-called push-notifications viruses, you must identify their components and clean your browser. You can easily remove ads from Chrome by following these steps: Reset Google Chrome browser
Remove malware from Mozilla Firefox Remove unwanted add-ons from Firefox Change Firefox Homepage Alter preferences in Firefox Remove annoying push notifications from Firefox Suspicious sites that ask to enable push notifications gain access to Mozilla’s settings and can deliver intrusive advertisements when browsing the Internet. Therefore, you should remove access to your browser by following these simple steps: Reset Mozilla Firefox
Remove malware from Microsoft Edge Remove suspicious extensions: Change MS Edge Start Page and default search engine: Turn off push notifications in Edge If you keep receiving pop-up ads or other promotional content while browsing on Microsoft Edge, your browser might be corrupted by a potentially unwanted program (PUP). You have to clean it — follow these easy instructions: Clear browsing data
Remove malware from Safari Uninstall suspicious Safari extensions Change Safari Homepage and default search engine Remove push notifications on Safari Some suspicious websites can try to corrupt your Safari by asking to enable push notifications. If you have accidentally agreed, your browser will be flooded with various intrusive advertisements and pop-ups. You can get rid of them by following this quick guide: Reset Safari
Remove malware from Internet Explorer TIP: If you are still using IE, we strongly advise using Microsoft Edge or a different browser because Microsoft is no longer providing technical or security support for IE browser. Remove suspicious extensions from IE Change default search provider and remove suspicious ones Change IE Home Page Block pop-up notifications on Internet Explorer Suspicious websites can gain access to your Internet Explorer browser through push notifications. If you enable them even by accident, you will start receiving numerous annoying ads and other advertising content while browsing. The easiest way to remove push-notification viruses is by performing the following steps: Reset Internet Explorer
Alternative software recommendations
Malwarebytes Anti-Malware Removing spyware and malware is one step towards cybersecurity. To protect yourself against ever-evolving threats, we strongly recommend purchasing a Premium version of Malwarebytes Anti-Malware, which provides security based on artificial intelligence and machine learning. Includes ransomware protection. See pricing options and protect yourself now.
System Mechanic Ultimate Defense If you’re looking for an all-in-one system maintenance suite that has 7 core components providing powerful real-time protection, on-demand malware removal, system optimization, data recovery, password manager, online privacy protection and secure driver wiping technology. Therefore, due to its wide-range of capabilities, System Mechanic Ultimate Defense deserves Geek’s Advice approval. Get it now for 50% off. You may also be interested in its full review.
Disclaimer. This site includes affiliate links. We may earn a small commission by recommending certain products, at no additional cost for you. We only choose quality software and services to recommend.