Blockstream, an infrastructure and equipment portfolio provider, has issued a new phishing campaign by email trying to target users of Jade BlockStream equipment wallet.
The company confirmed on Friday that it never sends firmware files by e-mail and said that no data had been compromised in the attack.
Phishing attacks are designed to steal cryptography and sensitive user information through apparently legitimate communication. According to Blockstream, the email presented a simple message that directed users to download the latest version of the Jade Blockstream portfolio firmware by clicking on a link, which was malicious.
Phishing scams cost Crypto users more than $ 12 million in August and affected more than 15,000 victims – an increase of 67% compared to July, according to the anti -scam scam.
As phishing campaigns and other cryptographic scams increase in complexity and diversity, crypto users must exercise an increased feeling of awareness and take online security measures to protect their funds and sensitive information from theft.
In relation: Crypto flights reached $ 163 million in August as a pirate lag strategy
Stay safe in the middle of a growing threat landscape
Crypto users have lost more than $ 3.1 billion due to scams and pirates in the first half of 2025, a strong increase compared to 2024, according to a report by the Hacken blockchain security company.
Phishing scams are designed to catch users off guard by rating malware designed to steal data into disguised messages to look like renowned cryptography companies.
As a general rule, this implies a customer service email sent to the target warning of an imminent account closure, a flight, a violation of cybersecurity or another problem, and to request keys or private passwords from a user to solve the problem.
Users can avoid phishing scams by checking URL addresses with double verification to ensure that websites are legitimate.
Scammers will often create URLs which are almost identical to the legitimate cryptography websites, with one or two small errors, such as the inclusion or exclusion of periods or the substitution of the letter “O” with the zero and vice versa number.
Users must also sign the trusted pages instead of manually entering the URL in the search bar or relying on search engines. Even paid advertisements grow at the top of popular search engines and google engines can be scams.
Other good practices include completely avoiding the links of unknown shipowners, using a virtual private network (VPN) to hide IP addresses and locations, and the verification of e-mails and websites for spelling or grammatical errors.
Review: 55 million dollars deffi saver phish, Copy2pwn diverts your clipboard: dry crypto