Mobiles, Laptops & Gadgets

Just get phishing scammers out of your way

Just get phishing scammers out of your way
Just get phishing scammers out of your way

Presented by Web3 Antivirus

A follow-up to Web3 is about how to avoid expensive mistakes while looking for opportunities.

It happens all the time. As you browse through tech communities, Web3 platforms or services, you come across a requirement to connect your existing wallet. If you don’t know you want to deal with the service, you should give access to your funds right away. If it is about to drain your account, what will you do?

This doesn’t inspire a relaxing user experience within Web3 and isn’t indicative of progress in the overall adoption. We can all be taken off guard by the increasingly inventive scam and fakes. We had to research, code, test-drive, and finally roll out Web3 Antivirus after this.

Phishers knocked on our door themselves

Our mission chose us, so we didn’t have a say in that. We received an email on our Dribbble account while we were busy polishing Web3 Antivirus. There was a job offer for the creation of an NFT collection.

Image_0

To assess the page’s current look and feel while giving a rough estimate, we were told to check in on a specific website. If you have trouble logging in, you will need to connect to the first window and approve the signature request in the second window. This is a fraud protection with multi-accounts and the wallet has to have a balance.

Imagine how alert we were. It couldn’t be a better time to get the game on, and so we did. As our solution investigated suspicious schemes behind signing the smart contract in question, the request turned out to be good old phish. All of our token would have gone into the air.

Image_1

If it weren’t for W3A, we could have signed a blank check, as the page camouflaged the scam with a basic “login with MetaMask” procedure. The scam was behind something. It was just the eth_sign method and all of your assets were the target. Say you confirm it and kiss your token goodbye.

Image_2

We told the Dribbble team about the social engineering scheme immediately, and the CEO appreciated our warning.

Image_3

Image_4

Waving scams goodbye is now easier

The Bored Ape Yacht Club NFTs were stolen through a hack similar to the one we described. Users are more likely to enter malicious websites and sign secret messages if they are encouraged to sign fake airdrop links.

These messages are free of gas fees and are invisible on the blockchain. Once a user signs them, hackers have easy permission to transfer assets.

We have meticulously crafted mechanisms to fight these frauds. Web3 is well-equipped to detect threats such as wallet draining risks, smart contract vulnerabilities, and malicious logic. We are a trust-first team, so we won’t be asking for access to user seed phrase, wallet, and assets.

What are the major kinds of vulnerabilities that W3A flag? It’s anything from improper access control and Ponzi schemes to miner extractable value, re-entrancy, and far beyond. All the transactions involved in smart contracts are mimicked in a matter of seconds by Web3 Antivirus.

Image_5

Web3 is able to generate a report with an overall score of threats based on a massive underlying risk matrix. You get all the data to make a decision. Risks seem reasonable? If you reject the transaction, you’re free to sign it.

Learn more about Web3 Antivirus

Alex Dulub is on the Forbes Technology Council. He has been running an R&D company specializing in digital transformation for 14 years. Ex-blockchain lead for several companies.

9 years in the field of smart contract consulting, audit, and development, building DLT solutions from custom design L1 protocols and ecosystems to comprehensive research involving ZK implementations

It is possible that this is not accurate. The content and product on this page are not endorsed by the cointelegraph. Readers should do their own research before taking any actions related to the company and this article cannot be considered as investment advice.

Related posts
Mobiles, Laptops & Gadgets

Understanding Cyberwarfare: A Deep Dive into Practical Examples

Individual PrivacyMobiles, Laptops & Gadgets

Protecting Your Digital Identity: A Comprehensive Guide to Online Privacy

Individual PrivacyMobiles, Laptops & Gadgets

Secure Mobile Apps: Boost Phone Security, Privacy 2023

Mobiles, Laptops & Gadgets

McDonald’s earnings haven’t been hit by higher prices, as ‘it just