Metamask’s New Security Alerts Warn Before Malicious Transactions

BY Lorepunk

February 20, 2024

The creators of Web3 wallet Metamask announced on Feb. 20 that its security tools, which notify users when they’re about to make a potentially malicious transaction, will now be switched on by default.

“Proud to share that Blockaid security is now on by default for all @MetaMask extension users and will soon be on by default on mobile,” the team posted on X.

The tools are provided by security firm Blockaid, and are available across multiple blockchains supported by MetaMask, including Ethereum mainnet, Arbitrum, Polygon, and Avalanche.

Today’s roll-out comes after a beta period, in which the features were integrated into the MetaMask browser extension in January 2024.

The transaction simulation features on the Metamask mobile app and desktop browsers mirror the functionality of products like Pocket Universe and WalletGuard. No data is shared with third parties, preserving your privacy.

On mobile, the feature is engaged if you have Experimental switched on.

With MetaMask celebrating the highest number of monthly active users since the peak of the 2021 bull market—30 million in January 2024—the introduction of the new security feature is aimed at helping it keep its primacy among Web3 wallets in the face of security-focused competitor Rabby and ease-of-use optimized Rainbow Wallet.

While potentially extremely useful, it is essential to note that this feature cannot protect users from all of the attack vectors available to hackers who want to steal crypto assets from users.

For example, the feature does not protect people who enter their seed phrase into a fake version of MetaMask, nor can it protect people who store their seed phrases or private keys on their computers or devices and then lose control of their wallets when their devices are compromised.

It also cannot predict the future; it’s always possible that hackers can find undetectable ways to create malicious transactions. That’s why it’s still essential to establish a protocol of using separate burner wallets for risky transactions and keep assets you don’t need to connect to a dApp in a vault address that never connects to any application.

For particularly valuable NFTs, it’s also a good idea to use software like, which allows you to delegate the privileges and permissions granted by holding an NFT to a proxy wallet.

For complete instructions on how the new feature works and how to enable it, go to MetaMask’s dedicated support page.

It’s important to note that Blockaid isn’t perfect—it has a history of reporting false positives, meaning that some benign transactions or websites get flagged as potentially harmful. Besides inconvenience for users and project builders, false positives can lower a user’s watchfulness or confidence in the warnings over time.

As one security researcher warned, it may be letting through potentially harmful transactions. “Glad @MetaMask is trying to integrate security features, but why isn’t Blockaid detecting this obvious scam tx on a @LineaBuild impersonator site? Please don’t give users the false impression of safety if you won’t detect scams like this,” beausecurity posted on Feb. 20.

For the most accurate protection, it’s advisable not to rely on one source of truth about whether a transaction is malicious. Using a plug-in like Wallet Guard in conjunction with this new feature can be an additional layer of protection.

Dive Deep

Features & Guides