I lost 1000U in a phishing scam in the afternoon

The story is like this. I was chatting happily in the group and said that I wanted to go to Japan to see the dolls. As I was talking, I saw a tweet from BakerySwap on Twitter, and I stupidly clicked in.

Alas, I just clicked in like this. I think it was mainly because I was multitasking.

After entering, it was strange. First, you were asked to sign on the zkSync chain. The signature content was Increase Allowance. I didn’t understand it when I saw it, but I clicked it in a daze; it was not over yet, and it switched to the Ethereum main network and asked to sign again. The content was Grant to transfer ERC1155. I was surprised. Why did I transfer my nft?

I took a closer look at the URL. I was phished. This URL is wrong.

I quickly went to invoke.cash to cancel the authorization.

Muggle reminded me to cancel the signature. Signature and authorization are not in the same tab.

I went to check the chain records and finally figured out that the $HOLD on my zkSync chain was transferred away. The first transfer took away 200, and the second transfer took away 26. A total of more than 1,000 U.

I simplified the process, the real process is more confusing than this.

I just can't figure out which chain is leaking. I cut and cut several chains to see, and also cancelled many previous authorizations, but there is no need to cancel those.

Muggle reminded to install the browser plug-in ScamSniffer. I have seen 0xzhaozhao recommend this plug-in before, but I didn't install it.

In several groups I joined, I see a group member being phished on Twitter every day.

I see a lot of phishing links every day, but I pay attention to them.

I feel that it is mainly while chatting in the group and clicking on the website.

Another friend said that you take the local dog too seriously.

Yes, a million $PUMP sold a total of 10U. I went to check it in the afternoon and lost 1,000U. How SB.

My wallet was stolen once in 2019. That time I lost 7700$LINK