In a concerning turn of events, Friend.Tech, the decentralized social network, is grappling with a surge in phishing attacks orchestrated by individuals posing as journalists, warns blockchain security firm SlowMist. The assailants exploit a cunning strategy, manipulating users into compromising their Friend.Tech credentials and risk of theft of associated funds.
The attackers, as identified by SlowMist, specifically target Key Opinion Leaders (KOLs) on Friend.Tech, creating a false sense of community by infiltrating the target’s Twitter network. The perpetrators go a step further by scheduling interviews and directing users to join Telegram for the supposed legitimate interaction, enticing them with the prospect of publication on a reputable news website.
SlowMist emphasizes the severity of such attacks, pointing out that the theft of the independent password (2FA) for Friend.Tech exposes users to the risk of losing not only their account but also the associated wallet Privy, including the embedded tokens.
To prevent falling victim to such phishing attacks, SlowMist advocates for increased awareness of social engineering tactics, caution against clicking unfamiliar links, and education on recognizing phishing indicators, such as misspellings or excessive punctuation in domain names. Additionally, users are urged to install anti-phishing plugins.
This incident isn’t the first instance of friend.tech users facing digital asset theft. Notably, SIM card manipulation targeted users last month, prompting the introduction of a 2FA password feature by the platform to enhance security against such attacks.