BlockSec, a cybersecurity firm, recently discovered a new phishing method that combines the features of fake tokens and zero-value transfer scams. The scammers create several fake token contracts with the same symbol as real tokens, such as USDC, USDT, and DAI.
After monitoring a user initiates a large transfer to a certain address, typically above $10,000, the scammers will forge an address that is very similar to the previous transfer target. They then send a fake token of the same amount to a fake address, imitating the user’s real transfer.
If the user mistakenly believes that the fake address is one that they have transferred to before and copies it, they fall into the phishing trap and transfer their money to the scammers. This new type of phishing is similar to the previous “zero-transfer” scam and is difficult to detect.
It is important to be vigilant and not readily copy the address of a small deposit without verifying its authenticity. If you see the exact amount of the token transfer and a similar address to your previous transaction in the transaction history, be careful. Do not just copy and paste the address!
This scam can be prevented by double-checking the recipient’s address before sending any funds, says BlockSec. Always ensure that the address is correct, and do not rely solely on the similarity of addresses or token symbols.
It is crucial to be aware of such scams and take necessary precautions to avoid falling victim to them. Cybersecurity experts recommend using multi-factor authentication and keeping software up-to-date to protect yourself against phishing attacks.
This new phishing method is a reminder that scammers are always finding new ways to deceive people and steal their money. Stay alert and stay safe.