Phishing, Malware, and Other Scams

Security is a big part of the financial and crypto industry. With multiple news outlets and social media platforms mentioning numerous "hacks" for crypto-based businesses. Here at Coinmetro, we believe that malicious activities can be avoided with simple security steps for the users as well as for any stakeholders.


The most common way that a hacker may try to get hold of your personal information, money, or account details is through email. We have all seen at least one scam/phishing email in our lifetime.

For all phishing articles, the premise is the same. They usually contain either misinformation, threats, or a proposal that sounds too good to be true. From impersonating support personnel to governmental institutions, these individuals or systems will use any type of means to give them an edge. The information they may trick you into giving them could be something trivial such as clicking on a link to disclose your account passwords or even your bank details.

Should you ever come across a phishing or scam email, we strongly advise that you file a spam alert for said email, file a report if possible, and delete the email immediately.

Phishing Sites

This method aims to redirect you to an exact site layout as you are intending to use, the site domain names are made in such a way that people make a mistake in spelling the proper website and are redirected to the "fake" site.

When you enter your credentials on such a site, they are in the hands of the domain creators and will most likely use this information for nefarious means. These domains live for a short period and are usually closed once enough people get their information leaked or until it is shut down.

Be very mindful of which site you are entering. Even one incorrect letter could redirect you to a miscellaneous site that is masquerading as the one you intended to visit.

Media Messages

Quite similar to emails, a person may contact you or have an overall message promising something or asking for something. Sometimes these messages may be obvious fraudulent claims; however, some users may believe the message comes from the official source and are therefore tricked into providing sensitive information, or even sending money.

The risk could be that said people would disguise themselves as some people you might know or use their media channels to message you. The scammer may mask their usernames as officials of the forum, chat, server etc.

Again, should you come across a message or user, we strongly advise that you block the user from contacting you, report the account and do not reply, open any links, or download any files from such accounts. Always double check on why would you be asked to do something from said individual, even if he is your long time social media friend.


This is another one of the more commonly known ways that bad actors try and manipulate you to send them money, disclose your personal information, or get access to your information or systems.

Visiting unsecured websites, downloading infected files or attachments and running infected software are the most common ways how to get your PC/Browser/Device infected with miscellaneous programs or codes. The most common one, however, is where your browser opens a page that will not let you access other pages or pop up every so often. It will have a threat that your PC is infected or you have illegal materials on your PC, and they will contact the authorities if you do not pay them.

Sometimes, through infected programs, the scammer can have partial or even full access to your PC, which could range from enabling them to see what you are typing, to directly locking you out of your device and demanding money from you to unblock it.

The first two instances can be solved by resetting your browser's cache; however, the latter ones should be solved by contacting support of the afflicted OS, device or system. More serious cases might involve your device being stealthily manipulated without you even knowing it, this can be mitigated by having the latest security updates for all your programs and a dedicated security/antivirus program to catch any dangerous threats.

Did this answer your question?