Compiled from the Internet, it is worth publicizing and raising everyone's awareness of prevention.
Web3 wallet is the bridge for us to participate in the decentralized world. Through it, we can participate in NFT transactions, earn coins, mining, etc. Therefore, Web3 wallet is also the key target of scammers.
Recently, criminals have defrauded users of wallet mnemonics, or used fake official mining activities, fake airdrops, high-profit activities, etc. as bait to guide users to click on unknown links to authorize wallets on malicious sites, causing user asset losses. Due to the anonymity and decentralization of digital assets, it is often difficult to recover assets in stolen wallets. Users are advised to be vigilant and guard against being deceived.
Review of fraud techniques
Step1: Scammers guide users to authorize Web3 wallets in various ways, such as contacting users through mining groups, telegram groups, third-party dapp applications in Web3 wallets, etc., and guiding users to open links in the name of high-yield mining.
Step 2: After opening the link provided by the scammer, there will be an official OKLink hyperlink or logo, making users mistakenly believe that it is an official OKLink project, and then guide the user to enter the wallet address to query, and guide the user to authorize the wallet.
Step 3: After obtaining authorization, the scammer will use the contract interaction function of the wallet to quickly transfer the user's assets, including the assets that the subsequent user recharges into the wallet, will be transferred out by the scammer immediately, making it difficult for the user to cancel the wallet even if he finds that he has been cheated. Authorization.
Summary of fraud cases
1. Mining under the official banner (such as DODO coin mining that has been popular recently), mining "OKT", etc., or phishing projects, leading users to click on unknown links, authorize wallets, and transfer user assets.
2. Click on an unfamiliar link, the assets are interacted with by the contract, and then transferred away by the scammer.
3. Click on some unknown project party links to authorize the Web3 wallet, resulting in asset theft.
4. Guide users to pay the handling fee on the grounds of querying the platform URL, etc. After payment, the wallet assets are stolen.
5. Guide users to copy unfamiliar links to the input box on the Web3 wallet discovery page for various reasons, and make relevant connections and authorizations.
How to prevent it?
1. Do not disclose private keys, passwords, mnemonics, and Keystore files to others, and use physical media to back up these data as much as possible, such as copying them on paper and storing them on non-networked hardware. Try to avoid using Internet-connected devices to save and transmit private keys, or take screenshots and photos to save private keys. Don't import the wallet using the private key provided by others and use the wallet to deposit or receive money.
2. Do not easily authorize Web3 wallet to third-party applications with unknown risks. It is recommended that you understand the background of the project and assess the risks of the project party before authorizing/interacting. Do not click on unknown links. Once you authorize your Web3 wallet to some phishing project, the project will obtain your approved permission to transfer the asset amount, thereby transferring the assets of your wallet.
3. Please regularly check whether the Web3 wallet has authorized unfamiliar sites and cancel the authorization in time. If you find that your wallet has been stolen, transfer the remaining assets to a safe address as soon as possible, delete the risky wallet, re-create a new wallet, and contact official customer service if necessary.
