Entering a new cycle, the risk of online interaction has increased as user activity has increased. Phishers typically use methods such as creating fake wallet websites, stealing social media accounts, creating malicious browser plugins, sending phishing emails and messages, and releasing fake applications to lure users into disclosing sensitive information, leading to asset loss. Phishing forms and scenarios exhibit characteristics such as diversity, complexity, and stealth.
For example, phishers generally create fake websites that resemble legitimate wallet websites to trick users into entering their private keys or mnemonic phrases. These fake websites are often promoted through social media, emails, or advertisements, misleading users into thinking they are accessing legitimate wallet services and stealing their assets. In addition, phishers may impersonate wallet customer service or community administrators on social media platforms, forums, or instant messaging applications, and send false messages to users requesting their wallet information or private keys. This method exploits users’ trust in official sources and tricks them into disclosing personal information.
In summary, these cases highlight the threat of phishing to Web3 wallet users. To help users improve their awareness of Web3 wallet security and protect their assets from loss, OKX Web3 conducted in-depth community research and collected numerous phishing incidents experienced by Web3 wallet users. This information was used to identify the four most common phishing scenarios for users and to write a comprehensive guide on how to conduct secure transactions in Web3, using a combination of text and visual examples.
Contents:
– Malicious information sources
– Popular project Twitter replies
– Stealing official Twitter/Discord accounts
– Google search ads
– Fake applications
– Countermeasures: OKX Web3 wallet supports phishing link detection and risk reminders
– Wallet private key security
– Project interaction or qualification verification
– Impersonating project customer service or administrators
– Other possible paths of mnemonic phrase/private key leakage
– The four classic phishing scenarios
– Scene 1: Stealing mainnet tokens
– Scene 2: Transferring to similar addresses
– Scene 3: On-chain authorization
– Scene 4: Off-chain signatures
– Other phishing scenarios
– Scene 5: TRON account permissions
– Scene 6: Solana tokens and account permissions
– Scene 7: EigenLayer calling queueWithdrawal
– Explore the world on-chain with security as the top priority
– Popular project Twitter replies
– In addition, fake accounts often intentionally reply to official tweets, but the replies contain phishing links, which easily deceive users into thinking they are official links and fall victim to scams. Currently, some official accounts include “End of Tweet” in their tweets to remind users of the risk of phishing links in subsequent replies.
Stealing official Twitter/Discord accounts
To increase credibility, phishers also steal project or KOL’s official Twitter/Discord accounts and release phishing links in the name of the official accounts. This often leads to users being easily deceived. For example, Vitalik’s Twitter account and TON project’s official Twitter account have been stolen, and phishers have taken the opportunity to release false information or phishing links.
Google search ads
Phishers sometimes use Google search ads to distribute malicious links. The names displayed in the browser make users believe that they are official domain names, but clicking on the links redirects them to phishing links.
Fake applications
Phishers also use fake applications to deceive users. For example, when users download and install a fake wallet released by a phisher, it leads to the leakage of their private keys and loss of assets. Phishers have previously modified Telegram installation packages, changing the on-chain addresses for receiving and sending tokens, resulting in the loss of users’ assets.
Countermeasures: OKX Web3 wallet supports phishing link detection and risk reminders
Currently, OKX Web3 wallet supports phishing link detection and risk reminders to help users better deal with the above-mentioned issues. For example, when users access websites through the OKX Web3 browser plugin wallet, if the domain name is a known malicious domain, they will receive an alert reminder. In addition, when users use the OKX Web3 app to access third-party DApps on the Discover interface, the OKX Web3 wallet automatically performs risk detection on the domain name. If it is a malicious domain, users will be intercepted and warned not to access it.
Project interaction or qualification verification
Phishers often disguise themselves as wallet plugin pop-up windows or other web pages when users interact with projects or verify qualifications, requesting users to enter mnemonic phrases/private keys. These are generally malicious websites, and users should be vigilant.
Impersonating project customer service or administrators
Phishers often impersonate project customer service or Discord administrators and provide URLs for users to enter mnemonic phrases or private keys. This indicates that they are phishers.
Other possible paths of mnemonic phrase/private key leakage
There are many possible ways for mnemonic phrases and private keys to be leaked, including the computer being infected with Trojan malware, using fingerprint browsers used for adult content, using remote control or proxy tools on the computer, storing mnemonic phrases/private keys in the photo album and being maliciously uploaded by an app, backing up to the cloud, but the cloud platform being compromised, the process of entering mnemonic phrases/private keys being monitored, mnemonic phrases/private keys being obtained by people around, and developers pushing private key code to GitHub.
In conclusion, users need to securely store and use mnemonic phrases/private keys to ensure the security of their wallet assets. OKX Web3 wallet, as a decentralized self-custody wallet, offers multiple methods for backing up mnemonic phrases/private keys, such as iCloud/Google Drive cloud storage, manual backup, and hardware backup. It has become one of the wallets that supports a comprehensive range of private key backup methods on the market, providing users with a secure way to store private keys. Regarding the issue of private key theft, OKX Web3 wallet supports mainstream hardware wallets such as Ledger, Keystone, and Onekey, ensuring that the private keys of hardware wallets are stored in the devices and controlled by users, thereby safeguarding asset security. In other words, OKX Web3 wallet allows users to securely manage their assets through hardware wallets while freely participating in on-chain token trading, NFT markets, and various dApp interactions. In addition, OKX Web3 wallet has now launched MPC non-private key wallets and AA smart contract wallets, helping users further simplify private key issues.
The four classic phishing scenarios:
– Scene 1: Stealing mainnet tokens
– Scene 2: Transferring to similar addresses
– Scene 3: On-chain authorization
– Scene 4: Off-chain signatures
Other phishing scenarios:
– Scene 5: TRON account permissions
– Scene 6: Solana tokens and account permissions
– Scene 7: EigenLayer calling queueWithdrawal
Securely using Web3 wallets is a key measure to protect assets. Users should take preventive measures to guard against potential risks and threats. Choosing a reputable and security-audited wallet like OKX Web3 can allow users to explore the on-chain world more securely.
As the most advanced and feature-rich wallet in the industry, OKX Web3 wallet is fully decentralized and self-custody. It supports a wide range of applications, covering 85+ public chains, with unified apps, plugins, and web interfaces. It covers wallets, DEXs, DeFi, NFT markets, and DApp exploration in five major areas, as well as supporting Ordinals markets, MPC and AA smart contract wallets, gas exchange, and hardware wallet connections. In addition, users can protect their private keys and mnemonic phrases securely, regularly update wallet applications and operating systems, handle links and information cautiously, and enable multi-factor authentication to increase wallet security.
In summary, in the on-chain world, asset security is paramount. Users should remember these three Web3 security rules: Do not enter mnemonic phrases/private keys on any webpage, carefully click the confirmation buttons on wallet transaction interfaces, and be aware that links obtained from Twitter/Discord/search engines may be phishing links.
This article provides official content and does not represent the position or investment advice of this website. Readers must conduct their own careful evaluations.
