---
title: "Scammers Launch Massive PayPal and MetaMask Phishing Campaigns | Phish Protection"
description: "In one of the latest phishing scams, malicious actors are impersonating popular platforms like PayPal and MetaMask to target unsuspecting victims."
image: "https://phishprotection.com/og/blog/scammers-launch-massive-paypal-and-metamask-phishing-campaigns.png"
canonical: "https://phishprotection.com/blog/scammers-launch-massive-paypal-and-metamask-phishing-campaigns/"
---

Quick Answer

In one of the latest phishing scams, malicious actors are impersonating popular platforms like \*\*PayPal and MetaMask\*\* to target unsuspecting victims. The gravity of this cyber onslaught has been intense enough to prompt the

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fscammers-launch-massive-paypal-and-metamask-phishing-campaigns%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Scammers%20Launch%20Massive%20PayPal%20and%20MetaMask%20Phishing%20Campaigns&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fscammers-launch-massive-paypal-and-metamask-phishing-campaigns%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fscammers-launch-massive-paypal-and-metamask-phishing-campaigns%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fscammers-launch-massive-paypal-and-metamask-phishing-campaigns%2F&title=Scammers%20Launch%20Massive%20PayPal%20and%20MetaMask%20Phishing%20Campaigns "Share on Reddit") [ ](mailto:?subject=Scammers%20Launch%20Massive%20PayPal%20and%20MetaMask%20Phishing%20Campaigns&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fscammers-launch-massive-paypal-and-metamask-phishing-campaigns%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-service-0693.jpg) 

In one of the latest phishing scams, malicious actors are impersonating popular platforms like **PayPal and MetaMask** to target unsuspecting victims. The gravity of this cyber onslaught has been intense enough to prompt the_[ \_ Federal Trade Commission (FTC) \_](https://consumer.ftc.gov/consumer-alerts/2023/05/those-urgent-emails-metamask-and-paypal-are-phishing-scams)_to warn internet users.

Large-scale phishing campaigns are nothing new in the digital era. Scammers have been **crafty** enough to impersonate emails from reputed platforms to exploit human weakness with a **sense of urgency**. The fraudsters leverage user anxiety related to finances and claim that the MetaMask [cryptocurrency](/phishing/cryptocurrency-phishing-scams-2022s-top-latest-threat-revealed-security-regulators) wallets would be blocked if they don’t ‘act fast,’ ‘click a link,’ or ‘update their wallet.’

The **fake emails** imitating PayPal claim that the payments to the crypto exchange Binance have been canceled. The fraudsters further provide a phone number to potential victims to reach out to PayPal.

Clicking on the deceitful links provided by the imposters in emails or reaching out to the phone numbers they specify puts the victims at risk of **losing money** or confidential information. The [social engineering](/phishing-awareness/social-engineering-attack-twilio-compromises-employee-accounts-customer-data) scam can also lead to cryptocurrency thefts, given that scammers ask for sensitive information like payment details and account passwords.

### Threat Actors Closely Imitate Genuine PayPal and MetaMask Platforms

For an unsuspecting user, evaluating the legitimacy of these emails turn out to be challenging. [Threat actors](/phishing-awareness/threat-actors-using-malicious-onenote-attachments-to-spread-malware-via-phishing-emails) closely imitate legitimate platforms with close attention to details, decorating the PayPal email using **authentic-looking logos** and fonts. The imposters even include an invoice in the emails to demonstrate their legitimacy. It prompts even tech-savvy individuals to fall prey to the scam.

The sense of urgency, which typically characterizes a phishing scam, is also evident in the MetaMask emails. The scammers urge the recipients to upgrade their wallets before a specific date to retain access to their **crypto assets** and keep them secure.

![Anti phishing service](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-service-0693.jpg) 

### FTC’s Advice to Identify Phishing Emails Before Responding

FTC’s warning regarding the latest [phishing](/resources/what-is-phishing) scams recommends the primary **line of defense**. The Commission points out that most of these emails would carry a sense of urgency. It’s out of financial anxiety that users respond to these snares without giving them a second thought.

_Genuine organizations usually don’t send **pressing emails**._ Hence, users receiving these emails should take guard against being a victim. Calling the number or clicking on the links in emails would lead to your financial or [personal information](https://cybernews.com/security/andrey-meshkov-adguard-before-entering-your-personal-information-consider-what-will-happen-to-it-later/) theft.

The Federal Trade Commission has also recommended some measures for email recipients to stay secure.

## Firstly, the Commission urges the users to slow down and think about whether or not they have an account with PayPal or MetaMask. Next, the user should try to **identify the sender**. Chances are high that the email would be sent from an unknown person impersonating these platforms. If in doubt, **contact the organization** through their official website or genuine customer care department to check out the facts.

Never click the links sent through emails or texts without verifying the sender’s identity. Scammers are smart enough to install [malware](/content/protection-against-malware/what-is-malware) on your system once you click.

The Commission also urges users to update their security software to secure their information systems or mobile devices from [security threats](https://www.enisa.europa.eu/news/cybersecurity-threats-fast-forward-2030). Failure to do so might lead to compromise of financial or confidential information.

### What To Do If You Receive a Phishing Email?

_The best action is to ignore the phishing email or delete it altogether._ Responding to these emails would escalate your **risk quotient**. In addition, one must follow the below steps to remain fully secure.

To secure yourself from unsolicited emails and phishing scams, download **advanced malware removal tools** and update your existing antivirus. Get endpoint [phishing protection software](/) to detect malicious software that might already be concealed in your system.

Never click on links sent through emails from unknown senders. In case of **suspicious activity**, authenticate the sender’s identity or contact the organization through their official portal. _Verify the sender’s email ID and check whether it matches the official ID on the website._

The FTC advises **reporting** phishing emails to

[reportphishing@apwg.org](mailto:reportphishing@apwg.org)

if you receive one. In addition, delete it from your system to stay secure.

If you accidentally click on one of the [malicious links](https://www.euractiv.com/section/cybersecurity/news/malicious-links-still-on-eu-commission-website-as-hackers-change-tactics/), immediately change your login credentials. Also, **enable MFA (Multi-factor authentication)** and scrutinize your account for unsolicited activity.

![Anti phishing](https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-0964.jpg) 

### Final Words

Chainalysis, a blockchain analysis firm, reveals that **crypto-based** scams cost businesses[$6 billion](https://cybernews.com/news/paypal-metamask-email-scams/)last year. Malicious actors are likely to exploit vulnerabilities even more in the coming months. A CNBC report states that crypto scammers robbed internet users of[$14 billion in 2021](https://www.cnbc.com/2022/01/06/crypto-scammers-took-a-record-14-billion-in-2021-chainalysis.html#:~:text=Scammers%20around%20the%20world%20took,%243.2%20billion%20worth%20of%20cryptocurrency.). That calls for additional cyber hygiene to stay secure.

With threat actors innovating new tactics to steal personal and financial credentials, it pays to remain informed against **large-scale phishing** scams and establish your line of defense .

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Scammers Launch Massive PayPal and MetaMask Phishing Campaigns","description":"In one of the latest phishing scams, malicious actors are impersonating popular platforms like PayPal and MetaMask to target unsuspecting victims.","url":"https://phishprotection.com/blog/scammers-launch-massive-paypal-and-metamask-phishing-campaigns/","datePublished":"2023-05-22T06:36:21.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-05-22T06:36:21.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/scammers-launch-massive-paypal-and-metamask-phishing-campaigns/"},"articleSection":"foundational","keywords":"Phishing","wordCount":819,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/05/anti-phishing-service-0693.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Scammers Launch Massive PayPal and MetaMask Phishing Campaigns","item":"https://phishprotection.com/blog/scammers-launch-massive-paypal-and-metamask-phishing-campaigns/"}]}
```