Fake OpenSea Support staff targeting victim's crypto wallets and NFTs under an ongoing Phishing Campaign through Discord Servers...

Continue reading
OpeanSea clients and support staff are experiencing an ongoing brutal Discord Phishing campaign enabling threat actors to steal cryptocurrency and extort NFTs.
The threat actors resided in OpenSea's Discord server for many weeks, imitating to be official members of the company. These fake members provided private assistance to OpenSea users needing help that eventually led to the theft of cryptocurrency NFT products stored in the victim's MetaMask wallets.
The OpenSea's help server is always active for user support and can be accessed through the company's Discord server. After a user posts a query on the discord server, threat actors start sending private messages to the potential targets.
Jeff Nicholas, one of the victims who got scammed, reported that the threat actors suggested he share his screen so that they provide guidance. He stated that "Lots of grooming, working through the issue pulling you in. Then ask you to share the screen so they can see what you are seeing"

After this, the threat actors would ask the victims to resync their MetaMask Chrome extension with the MetaMask mobile app. Nicholas explained the whole scamming process by stating that "Say you need to resync your MM and at this point, you are sucked into fixing this thing whatever it is. Pull up QR code, and it immediately says synced."
Anyone who has access to this QR code, including the fake officials, can create a screenshot and then misuse that image to sync your wallet into their mobile apps.

OpenSea stated that they are aware of the ongoing issue and urged all users to open support requests through their help centers only.
ICYMI People have been getting scammed on OpenSea's Discord by bad actors claiming to be OpenSea support. OpenSea has known about this for at least a week, possibly longer. Yet they are still directing people to their Discord. 1/? pic.twitter.com/ZU6OYGdNE1
— Sean Bonner Ⓥ (@seanbonner) August 24, 2021
Nate Chastain, OpenSea's Head of Product, tweeted that "Saddened to hear an OpenSea user was the victim of a significant phishing attack last night. Please be vigilant and direct support requests through our Help Center/ZenDesk."
Polymarket's hack losses climb to $3.1M across 11 wallets as the platform faces a federal probe into deceptive marketing, even after pledging full refunds.