Airdrop token “phishing”

Recently, users’ve received airdrop tokens when they checked their transaction records. And it will be found that there is a link in memo line when click the transactions and noticed that the airdrop tokens can be exchanged for TRX. If users open the link and exchange airdrop tokens for TRX, their USDT will be maliciously approved, resulting in assets lost.

Airdrop phishing information

Test execution authorization
Test execution authorization
It is very common page after clicking the phishing link, but when you enter the amount of airdrop tokens to exchange for TRX, nearly 20,000 TRX can be received, which will attract you to perform authorization without hesitation. And then you will see “Approve” shown on the page. After authorization, your USDT will be maliciously authorized, and the hacker can easily transfer your all assets. For most of the beginners, they are basically unable to recognize this kind of phishing trap.

Do not to visit unknown links (private keys, mnemonic phrase phishing), and do not visit insecure airdrop websites. When using scan code to transfer, pay attention to check whether the operation is abnormal, and beware of scammers replacing the QR code to scam.

In the new version of TokenPocket, security notices have been added when transferring, receiving and scanning QR code.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store