As a seasoned analyst with years of experience observing the cryptocurrency landscape, I can’t help but feel a mix of dismay and intrigue when reading about the latest phishing scams targeting unsuspecting users. The use of off-chain authorization signatures for token transfers has indeed brought convenience to many, but as we see time and again, these advancements often come with a darker side that preys on the inexperienced or careless.
Based on reports from the blockchain security company Scam Sniffer, an individual has unfortunately just lost approximately 15,079 units of fwDETH, equivalent to around $35 million, due to a fraudulent phishing scheme.
With the introduction of Ethereum Improvement Proposal (EIP) 2612, a feature called “gasless transfer” for tokens was implemented, enabling the movement of tokens without gas costs.
An off-chain authorization signature allows someone else to transfer tokens from their account.
Typically, transferring ERC-20 tokens involves a two-stage process: first, confirming a transaction on the blockchain by paying a gas fee, and second, moving a specific number of tokens to another account. The “permit” feature allows for this approval process to occur off-chain, which not only reduces gas fees but also makes transactions more straightforward for users.
By enhancing convenience and adaptability, this feature simultaneously created an opportunity for cunning fraudsters to mislead unsuspecting users and take their funds.
Users may unwittingly consent to harmful actions, which in turn enables cybercriminals to pilfer digital assets directly from their websites during regular business hours.
Based on information from Scam Sniffer, it appears that phishing scams centering around transactions involving ERC-20 tokens have become the most common type. Interestingly, these scams often succeed by deceiving victims into signing malicious transactions using accounts that mimic popular social media profiles.
Previously, a blockchain security company unmasked the Inferno Drainer gang, known for tricking numerous individuals into their trap by crafting fraudulent websites resembling renowned cryptocurrency initiatives. These deceitful sites were used to entice victims into executing digital signatures off the chain.
2023 saw crypto users losing over $300 million through phishing scams, as reported by Scam Sniffer in January.
Read More
- LUNC PREDICTION. LUNC cryptocurrency
- SOL PREDICTION. SOL cryptocurrency
- BTC PREDICTION. BTC cryptocurrency
- BICO PREDICTION. BICO cryptocurrency
- USD COP PREDICTION
- USD CLP PREDICTION
- USD ZAR PREDICTION
- VANRY PREDICTION. VANRY cryptocurrency
- USD PHP PREDICTION
- BSW PREDICTION. BSW cryptocurrency
2024-10-11 20:03