Quickly spot scams in blockchain
Because of the unique anonymity and unalterable nature of the blockchain, it has directly or indirectly triggered the evil intentions of criminals. At the same time, criminals' means of committing crimes are also constantly "upgraded", not only keeping up with popular innovations, but also being extremely deceptive, and some scammers even integrate fraudulent tool codes for sale and spread, which causes "newbie users" loss of assets. Today, I will tell you how to quickly identify scams in the blockchain.
This type of fraud usually involves gang crimes. Scammers register function variable names similar to the official website, and use tools to create the same page as the official website and replicate the mobile APP to add custom functions, then make posters for publicity and promotion. Common users cannot spot the real and fake. If the malicious approval is to defraud authorized assets, this type of replica fraud is to directly obtain the user's private key or mnemonic, so as to steal all the user's assets.
Highly similar pages and mobile APPs will make users relax their vigilance and enter private keys or mnemonics. At this time, the fake APP will synchronize the user's private key mnemonics through its backend, thereby stealing the user's assets. For example, the recently found www.tokenpocketpro.net (the name of the function variable of the tail code such as ce, cc) is a typical replica fraud.
Risk warning: When using wallets or participating in any activities, please check whether it is an official website or not. Please download and use APP through the official website, and do not import and use the APP through other three-party links in the search engine. Please identify the only official website of TokenPocket wallet: www.tokenpocket.pro.
1、The scammer uses the batch transfer tool to send a certain amount of tokens to the designated addresses, and attaches a postscript (MEMO) including: visiting the designated link can exchange the airdrops into mainstream assets, when the user accesses the link and completes the approval (authorization) , the scammers can transfer assets to other addresses;
2、The scammer conducts precise airdrops to specific addresses (such as the addresses with large assets), and the user will want to swap the airdrop to other mainstream tokens, but they can’t complete the transaction due to the high slippage, so the user uses the token name (such as zepe.io) to open the link and perform authorization, therefore lose assets.
3、Use some well-known tokens or ecosystem to make bait and produce text links or poster promotion, such as BTT airdrops, NFT mining and other false content. Once users open the link and perform approval, the authorized assets will be transferred out.
Risk warning: Approve is authorization. It allows token holders to give a certain permission to an account by calling the approve method. if authorized to malicious accounts, those approved assets are extremely risky.
The malicious authorization has developed into the main reason for the fraud and theft of tokens, because it is somewhat confusing on a technicality, especially for new users, and they think that there will be no problem if the mnemonic or private key is not leaked. However, malicious authorization will directly lead to the loss of approved assets.
All airdrops must be verified from official channels, and any airdrops without official verification may be scams.
1、There are always people who are eager to privately chat with you to help solve the problem in the telegram community. At the beginning, they may charge you some fees. Over time, they begin to target users' assets, and develop extension wallets for fishing and lure users to use them. When users import mnemonic phrases or private keys, scammers will transfer your assets immediately;
2、The scammer sends a text message pretending to be an official platform, informing that "the account is at risk", "the account is suspected of black money trading", etc., and attaches a link to a fake official website. Once the user enters the account, password, verification code, etc. as required, the scammer will grasp this information and steal assets.
3、The scammer deliberately displays the private key or mnemonic in a high-profile manner on the media platform, lying to leave the token circle because of frustration or other reasons, and want to give the tokens in the wallet to the destined person. The user imports the private key or mnemonic into the wallet and sees the assets, but it prompts that the gas fee is required when transferring it out. When you are delighted to deposit the gas fee, the swindler will use the tool to transfer the assets ahead of you, that is really more bang for the buck.
Risk reminder: There are more and more fraud channels, which will make us linger on the edge of risk if we are not careful. Phishing scams are relatively secretive, and the tools or pages created by scammers are very sophisticated, and it is easy to be tricked.
There is no free lunch in the world. We must keep our private keys and mnemonics safe, and do not arbitrarily share them. We do not want to penny wise and pound foolish. Many scammers are highly technical, and ordinary users will never outperform "scientists".
1、Promote a project on the community platform and claim to be the process of online and financing, etc., linking the high-level packaging of the project with various KOL or platforms to campaign. When the user trusts them and transfer the assets to the designated address, the scammers run away;
2、Some projects promise high returns with low investment, and even higher for pyramid marketing. Users are required to deposit USDT and other assets for mining, but the scammers will run away after users deposit assets; those who do not know the truth are easily deceived;
3、The salesman claims to make big money through opening positions, and displays his trading records and withdrawal records to attract users, almost all of which have earned more than several times. Users invest in the trading platform recommended by the salesman and have high returns in the early stage, so they increase their investment, and the trading platform runs away.
Risk warning: There are various mining DApps on the blockchain. If you choose a platform that has not undergone security audits and open source, there will be a lot of hidden dangers. It is safe to store your assets in your own wallet; Don't believe the so-called high returns with low investment. What you care about is high returns, but what the scammer cares about is your principal.
The anonymity, irreversibility and other features of blockchain determine that it will have some uncertainty and risk, so you must think again before participate in any project; always remember that you must be vigilant for those investments that promise high returns, and be brave to doubt everything, because once the transfer is completed, the assets belong to the other party and are irreversible.
1、Impersonate the official platform of an exchange to inform your account assets are abnormal and need identity information to unfreeze your assets through text messages or phone calls, which can accurately state your account information. Once the users believe them and enter information, their assets will be lost.
2、Eagerly to answer users’ questions in the community, privately friend users after gaining the trust, and ask for a private key or mnemonic in the name of helping to solve the problem, once a user provides the private key or mnemonic, their assets are stolen.
3、Privately built unofficial communities which are highly similar with the official one, and pulling people around to Impersonate be official customer service to obtain users' private keys or mnemonics, thereby stealing their assets;
4、Posing as an official platform, the scammers lie that they can help to buy low-priced tokens from a new project, but they will disappear once the user transfers the money
Risk warning: The internet community is also a social scene with baddies and good people mixed together. Under the guise of official authority, fraudsters use the user information purchased on the internet to cause fear in the victim's psychology and conduct accurate fraud; the root cause of community-related problems is that users cannot follow the principle that the private key or mnemonic cannot be leaked out, which leads to being deceived.
Keep your private key and mnemonic and other privacy not leaked to anyone, and backup and safekeep against lost; For exchange-like fraud, please contact the exchange customer service to check and verify in time.