SlowMist, a prominent blockchain security and audit firm, has drawn attention to a recent threat in the Web3 landscape. Reportedly, a Web3 user lost more than $20,000 while interacting with a fake website on a lookalike domain imitating the ChangeNOW website. The loss spotlights the growing risk and sophistication of phishing attacks, and the urgent need for proactive user education.
SlowMist Security Alert: A user lost over $20K after visiting a fake @ChangeNOW_io site. Notice the letter “e” in Pic 1? It’s a #Punycode attack — a trick we’ve covered in the blockchain dark forest selfguard handbook (Pic 2). Beware of browser recommendations — they may… pic.twitter.com/iSyJO9XefT
— SlowMist (@SlowMist_Team) May 11, 2025
Modern Phishing Schemes Deceive with Punycode Threat
The scam in question relied on a Punycode attack, a tactic in which attackers create a fake website address that resembles the real one. To do this, they use special characters from other languages to build malicious URLs. In this attack, a single Cyrillic letter “e” was inserted in the fake website address to trick the victim.
This substitution is barely noticeable to the untrained eye. The user, believing the page was the legitimate ChangeNOW site, lost over $20k. The method is covered in full in SlowMist’s “Blockchain Dark Forest Self-Guard Handbook”, and the incident highlights the need for awareness in the rapidly evolving crypto landscape.
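The lookalike trick described above can be detected mechanically by decoding the hostname and inspecting the scripts its letters come from. The following Python code is an added example, not code from SlowMist or the original article; the hostnames are constructed samples under the reserved `.example` suffix, and the confusable-letter table is a small hand-picked subset chosen for illustration.

```python
import unicodedata

# Constructed sample data: reserved .example names, not domains from the incident.
TRUSTED = {"exchange.example"}
FAKE = "exchang\u0435.example"  # U+0435 CYRILLIC SMALL LETTER IE replaces Latin "e"

# Hand-picked Cyrillic letters that render like Latin a, e, o, p, c, x, y, i
# (an assumption for this demo; the full Unicode confusables list is far larger).
CONFUSABLE = str.maketrans("\u0430\u0435\u043e\u0440\u0441\u0445\u0443\u0456", "aeopcxyi")

def to_ascii(host):
    """Hostname in its ASCII wire form (non-ASCII labels become 'xn--' Punycode)."""
    return host.lower().encode("idna").decode("ascii")

def to_unicode(host):
    """Hostname as a browser may display it ('xn--' labels decoded)."""
    return host.lower().encode("idna").decode("idna")

def label_scripts(label):
    """Scripts used by the letters of one label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}

def check_host(host, trusted=TRUSTED):
    """Return a list of findings; an empty list means nothing was flagged."""
    shown = to_unicode(host)
    if shown in trusted:
        return []
    findings = []
    for label in shown.split("."):
        scripts = label_scripts(label)
        if len(scripts) > 1:  # letters from more than one script in a single label
            findings.append(f"mixed scripts {sorted(scripts)} in label {to_ascii(label)}")
    skeleton = shown.translate(CONFUSABLE)  # fold lookalike letters to Latin
    if skeleton in trusted:
        findings.append(f"renders like trusted domain {skeleton}")
    return findings

if __name__ == "__main__":
    for name in ("exchange.example", FAKE, to_ascii(FAKE)):
        print(to_ascii(name), check_host(name) or "ok")
```

The ASCII form printed for the fake name starts with `xn--`, which is what the address bar shows when a browser declines to render the Unicode form.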
SlowMist Advises Cross-Check Verification to Outsmart Crypto Scams
SlowMist strongly recommends that users perform multi-step verification before engaging with any Web3 platform. Relying entirely on the browser’s suggestions is not enough, and even a single project link on an official X account is not trustworthy. SlowMist recommends that users check and validate a website’s domain using platforms like CoinMarketCap, CoinGecko, or DefiLlama. These platforms all list the link of an authorized project.
Moreover, for further protection, SlowMist advises checking an account’s legitimacy through its follower count, account age, and verification badges. However, the firm stresses the need for a multi-step verification strategy to avoid scams. As phishing tactics continue to evolve, users’ defenses need to be enhanced as well. SlowMist further recommends that users stay alert and rely on trusted websites.