Trap Phishing On Trusted Platforms
Learn how a new phishing trend manipulates Web3 users on trusted platforms through deceptive job ads, fake airdrops, and counterfeit NFT sales.
Rewards
Go Back
🕒 8:21 AM
📅 May 22, 2025
✍️ By ethangeorge
Phishers create traps on trusted platforms like exchanges and NFT marketplaces, luring users to phishing websites where they can install malware and steal private keys.
How the Phishing Works
Attackers disguise themselves as legitimate Web3 projects or game developers and spread false job ads, airdrops, and NFT collections to redirect users to phishing sites.
Once on the phishing site, users are encouraged to download a malicious game client or wallet, compromising their private keys and leaving their assets vulnerable.
Malware Types:
Deceptive Password Acquisition: The malware prompts users to input their passwords through a fake pop-up window.
Reading Sensitive Information: It scans browsers and wallets to locate and steal private keys.
Compressing and Transmitting Data: The data is compressed and sent to a remote server with a base64-encoded IP address.
How to Stay Safe
Verify software sources and avoid suspicious links.
Do not provide private keys or download unknown software.
Regularly update antivirus software for better protection.