Crypto users on social media have been put on alert due to a new crypto-themed phishing email attack that appears to be sent from the content creator platform Patreon. According to reports on social media platforms X and Reddit, scammers who register users’ email addresses with Patreon are subsequently signing them up for malicious emails from fake crypto projects on the platform.
Noteworthy Details on the Issue
Reports of phishing attacks began to surface on January 23, with users reporting receiving emails about fake airdrop events from Patreon content creators imitating Chainlink, Solana, Manta Network, and Sui.
In a January 25 post by X, Patreon Support informed a member of the crypto community that they had identified and resolved an issue related to email verification and an erroneous follow from a crypto account claiming to be a Patreon creator, adding that affected accounts were being addressed.
A screenshot of an email reported to be sent from Patreon sheds more light on the process, explaining that the fraudulent emails are part of a coordinated malicious attempt to access users’ cryptocurrency wallets and that the issue has since been corrected.
However, some X users have indicated that they have continued to receive phishing emails over the last four days. In a Reddit post dated January 28 under the r/CryptoCurrency title, user u/PhaseEquivalent3529 shared the following:
“Today I deleted 6 Patreon emails all talking about the Manta airdrop event.”
Web3 and Hack Attacks
According to the blockchain security platform Scam Sniffer, over 324,000 crypto users fell victim to phishing scams in 2023, with total losses amounting to $295 million. When considering the future airdrop rights users are entitled to, the scale of these attacks in the Web3 space becomes apparent.
However, recent proactive measures taken by blockchain users have led to a significant reduction in both the number of assets lost and the number of users affected by these attacks. Coordinated efforts by governments and blockchain security firms continue to place a heavy burden on black-hat hackers, instilling fear and concern among attackers.
