PANews reported on February 7 that according to Cointelegraph, phishing scammers are trying to steal private keys from users of Solana-based crypto wallet Phantom through pop-up windows that impersonate legitimate update requests. Web3 scam detection platform Scam Sniffer issued a warning on the X platform on February 6, saying that scammers are connecting to real Phantom wallets and trying to deceive users with a fake "update extension" signature request. If the victim approves the request, a prompt will pop up asking them to enter a mnemonic. Once entered, the scammers will have full access to the wallet and transfer their funds away.

To identify malicious pop-ups, Scam Sniffer recommends right-clicking on the link, as "phishing pages block right-clicks," while the real Phantom wallet window does not restrict this action. The platform also recommends checking the URL, as the real Phantom pop-up window contains "chrome-extension" in the link, which the scam page cannot imitate.