After crypto phishers stole more than $400 million in the first half of 2025, MetaMask, Phantom, and other major cryptocurrency wallets partnered with Security Alliance to launch a global phishing protection network.
“We have worked together to launch a global phishing protection network that can protect more users across our ecosystem,” the MetaMask team said on Wednesday.
SEAL said the new defense network will “enable everyone in the world to build a decentralized immune system for cryptographic security that can prevent the next big phishing attack.”
“Decentralized Immune System” includes MetaMask, Phantom, WalletConnect, and Backpack.
This will operate in conjunction with the SEAL’s Verifiable Phishing Report system, which was announced last week. This new tool allows security researchers to prove that malicious websites actually contain the phishing content that users claim they are viewing.
Fight against virtual currency leakers
A growing problem, the SEAL explained, is cryptocurrency leakers evolving tactics to evade traditional defenses.
New ways to lure victims include rotating landing pages faster when blocklists are updated, moving to offshore hosting when infrastructure providers are cracking down, and using cloaking techniques to avoid automated scans.
Related: Crypto Hacking Losses Drop 37% in Q3 as Tactics Shift to Wallets
“Draining is always a cat and mouse game,” said Om Shah, a security researcher at MetaMask.
He added that by working with SEALs, Wallet teams can become more agile and apply research into practice, allowing them to “effectively throw a wrench into the drainer’s infrastructure.”
Deploy to as many wallets as possible
This partnership enables an end-to-end pipeline where user-submitted reports are automatically verified and shared across all participating wallets, providing instant protection against emerging phishing threats.
“Anyone with a valid report can issue phishing alerts to the entire network participants in real time, without the need for special permissions,” the SEAL explained.
“This means faster response times to new phishing threats and more money saved. We want to make this data available to as many wallets as possible.”
According to CertiK, phishing attacks were the most common security incident in the first half of this year, resulting in more than $400 million in cryptocurrency theft.
Magazine: Ether price goes ‘nuclear’, Ripple seeks $1 billion in XRP purchases: Hodler’s Digest
