Phishing Frenzy: PoisonSeed Campaign Drains Crypto Wallets through Hijacked Email Accounts
Phishing campaign ‘PoisonSeed’ is targeting corporate email accounts to steal crypto wallets. Using phishing emails from compromised accounts, victims are tricked into using fraudulent Coinbase seed phrases. Always generate your own wallet seed phrases and ignore suspicious email requests to avoid having your digital assets “poisoned” by cybercriminals.
Hot Take:
Oh, PoisonSeed! When will you learn that people like their crypto wallets like they like their coffee – secure and not poisoned with phishy nonsense? This campaign is a classic case of “phish and chips,” where the chips are your digital assets, and the phish is a sneaky seed phrase. Remember, folks, if it sounds like a scam, smells like a scam, and looks like a scam, it’s probably a scam. Keep your seed phrases close and your crypto closer!
Key Points:
- PoisonSeed is a large-scale phishing campaign targeting corporate email marketing accounts.
- The campaign exploits compromised accounts from Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho.
- Victims are tricked into using fake seed phrases to transfer cryptocurrency into attackers’ wallets.
- SilentPush researchers distinguish PoisonSeed from similar campaigns by its unique code and tactics.
- Caution is advised: never use seed phrases provided by emails or unknown sources.