#空投防骗手册

1. Common Types of Airdrop Scams and Identification

Fake Official Websites

Tactic: Faking a website similar to a real project, luring users to connect their wallets or fill in sensitive information, and then stealing assets.

Identification Features: Abnormal domain suffixes (e.g., .com changed to .cn), unverified search engine links, URLs posted by unofficial social media accounts.

Authorization Token Theft

Tactic: Requesting users to authorize unknown smart contracts, using permissions to empty wallets.

High-Risk Operations: Not verifying the contract address when clicking the “Approve” button or not regularly revoking unused authorizations.

Fake KYC (Identity Verification)

Tactic: Requesting ID cards and facial information under the guise of compliance, reselling data or extorting users.

Identification Points: Legitimate KYC will not ask for private keys or mnemonic phrases; be wary of requests from unknown platforms.

Fake Customer Service Scams

Tactic: Impersonating official customer service to privately message users, tricking them into providing mnemonic phrases or private keys under the pretext of “account abnormalities.”

Prevention Principle: Official customer service will not request sensitive information via private messages; verification should be done through official website or verified blue channels.

High-Yield Traps

Tactic: Claiming annual returns exceeding 1000%, luring users to stake and then running away with the funds.

Warning Signals: Promising no-risk high returns, contracts not open-sourced or unaudited.

2. Core Prevention Measures

Information Verification and Channel Management

Official Website Verification: Manually enter the official website address to avoid clicking on third-party links; check the domain registration time and record information.

Social Account Identification: Only trust pinned announcements from official blue-v accounts, be wary of phishing links posted by impersonating accounts in comment sections.

Wallet and Authorization Security

Authorization Management: Use tools (such as revoke.cash) to regularly clean up useless contract authorizations; conduct small tests before larger transactions.

Wallet Isolation: Create a dedicated airdrop wallet to avoid exposing the main wallet to risks.

Sensitive Information Protection

Private Key/Mnemonic Phrase: Never provide to others under any circumstances, including “customer service” or “technical support.”

Identity Information Handling: Add watermarks (such as “for XX project use only”) when submitting KYC to prevent data reselling.

Beware of Psychological Manipulation

Time Pressure: Maintain skepticism towards phrases like “limited time offer” or “limited slots,” and avoid hasty decisions.