We have learned that a phishing email with the subject line: “1% DOT allocation for KSMs stakeholders” is being circulated from a fraudulent version of the Polkadot.JS domain. Do not respond to this email; it was not sent from the Web3 Foundation nor from our Kusama or Polkadot accounts.
This sophisticated phishing attempt also includes a fake “Kusama Network” account on Medium with a blog post titled: “DOT airdrop for Kusama stakeholders.” Do not follow the instructions in this blog; it is not an official Kusama account or communication.
This Medium post also points to a fake website (polkadot-js[.]org) - this is not a legitimate Polkadot website. Do not upload your JSON file - this will compromise your Polkadot address and private key.
We are investigating the incident and will update the community with any new details. In the meantime, we urge extreme caution. Official updates on this situation will be pinned to our Twitter accounts for @web3foundation, @kusamanetwork and @polkadotnetwork.
Please contact us at firstname.lastname@example.org with any questions.