
Protecting Your Assets: Safeguarding Against Phishing Scams in Web3

MetaSleuth
December 14, 2023

What is Phishing in Web3?

As users trade tokens through blockchain transactions, a new form of phishing has surfaced. Unlike conventional phishing, which aims to extract personal or financial information from victims, this variant steals users' assets by abusing the transactions and signatures they produce. In essence, scammers deceive victims into signing transactions or messages that let the scammer withdraw the victims' tokens. The following sections walk through the prevalent phishing scams in Web3 and give practical strategies for safeguarding your assets against them.

Prevalent Phishing Scam Types in Web3

1. Direct Token Transfer

This scam manipulates users into transferring their assets directly to malicious addresses, and its success usually rests on social engineering. A common variant deceives users into signing a transaction under the pretense of a "security update" or a "claim"; the transaction in fact moves their assets to the scammer. This type of scam is typically delivered through a fake interface (see scam type 6 below).

2. Token Approval / Permit

The Approval and Permit methods let someone else, the spender, use your tokens on your behalf. Granting token approvals to DApps to facilitate trading is common practice, but granting an approval to a malicious spender, such as a phishing address, leads to financial loss. With Permit, the approval is an off-chain signature that the spender submits on-chain, so the victim never sends a transaction of their own and may not notice anything happened. If the victim fails to realize and revoke the approval, the phisher can keep draining the account for as long as the allowance stands, including tokens received later.

[Image: attack transaction example]

3. Zero-Value Transfer (Address Poisoning)

Zero-value transfer scams, also known as address "poisoning," occur when phishers send zero-value transfers between a victim's address and a phishing address that resembles an address the victim has previously interacted with, typically one that shares the first and last few characters. On most ERC-20 tokens a zero-value transferFrom succeeds without any allowance, so the phisher can make the transfer appear to originate from the victim's own address. The fake address then sits in the victim's transaction history, and a victim who copies a recipient from that history, checking only the start and end of the address, ends up sending real funds to the phisher.

[Image: victim address example]
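The detection side of address poisoning, as an added example that is not part of the original post or of MetaSleuth: given an ERC-20 transfer history for one wallet, it collects the counterparties that actually exchanged value with the wallet, then flags any zero-value transfer whose counterparty shares the displayed head and tail of a trusted address but differs in the middle. The history, addresses and transaction hashes are constructed placeholders, not real on-chain data, and the function names are this example's own.

```python
"""Address-poisoning detector over an ERC-20 transfer history.

Added example, not MetaSleuth code. The history below is constructed; the
addresses and tx hashes are placeholders, not real on-chain data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Transfer:
    tx_hash: str
    sender: str
    receiver: str
    value: int  # token base units; 0 for a poisoning transfer


def _norm(addr):
    return addr.lower()


def looks_alike(a, b, head=4, tail=4):
    """True if a and b differ but share the first `head` and last `tail` hex
    digits, i.e. the part of the address wallets and explorers usually show."""
    a, b = _norm(a), _norm(b)
    return a != b and a[2:2 + head] == b[2:2 + head] and a[-tail:] == b[-tail:]


def trusted_counterparties(history, owner):
    """Addresses that actually exchanged non-zero value with `owner`."""
    owner = _norm(owner)
    out = set()
    for t in history:
        if t.value == 0:
            continue  # a zero-value transfer proves nothing about trust
        if _norm(t.sender) == owner:
            out.add(_norm(t.receiver))
        elif _norm(t.receiver) == owner:
            out.add(_norm(t.sender))
    return out


def find_poisoning(history, owner):
    """Zero-value transfers touching `owner` whose counterparty imitates a
    trusted one. Returns (tx_hash, lookalike, imitated_address) tuples."""
    owner = _norm(owner)
    trusted = trusted_counterparties(history, owner)
    hits = []
    for t in history:
        if t.value != 0:
            continue
        if _norm(t.sender) == owner:
            other = _norm(t.receiver)
        elif _norm(t.receiver) == owner:
            other = _norm(t.sender)
        else:
            continue
        if other in trusted:
            continue
        for good in trusted:
            if looks_alike(other, good):
                hits.append((t.tx_hash, other, good))
    return hits


def safe_recipient(candidate, trusted):
    """Only a full-address match counts; matching ends are not enough."""
    return _norm(candidate) in {_norm(a) for a in trusted}


# Constructed sample: the victim pays PARTNER regularly; the phisher generates
# POISON with the same first and last four digits and, from a contract they
# control, calls transferFrom(VICTIM, POISON, 0). On most ERC-20 tokens a
# zero-value transferFrom needs no allowance, so it succeeds and appears in
# the victim's history as an outgoing transfer they never made.
VICTIM = "0x" + "1" * 40
PARTNER = "0xabcd" + "0" * 32 + "1234"
POISON = "0xabcd" + "f" * 32 + "1234"

HISTORY = [
    Transfer("0xtx1", VICTIM, PARTNER, 5_000_000_000),
    Transfer("0xtx2", VICTIM, POISON, 0),  # the poisoning transfer
    Transfer("0xtx3", PARTNER, VICTIM, 10_000_000),
]

if __name__ == "__main__":
    for tx, fake, real in find_poisoning(HISTORY, VICTIM):
        print(f"{tx}: {fake} imitates {real}")
    book = trusted_counterparties(HISTORY, VICTIM)
    print("POISON accepted as recipient:", safe_recipient(POISON, book))
```

The two design points are that trust is derived only from transfers that moved value (a zero-value transfer can be produced by anyone), and that the final recipient check compares the whole address, never just the visible prefix and suffix.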

4. Gas Token Scam

On the Binance Smart Chain (BSC), certain phishers run airdrop scams: they distribute fraudulent tokens to victims and persuade them to approve or transfer these tokens. The scam token's approve or transfer function is written to burn a large amount of gas, which the victim pays for. That gas is spent minting gas tokens to the scammer's address, which the scammer later redeems or sells for profit. The victim sees a transaction that apparently did nothing but cost an unusually high fee.

[Image: phishing transaction example]

5. NFT Market Scam

NFTs are a distinct form of virtual asset. Prices of NFTs within the same collection vary widely, which makes automated pricing through a decentralized exchange (DEX) impractical. NFT marketplaces have therefore emerged, letting users place signed orders that others can fill. Scammers exploit these marketplaces by tricking victims into signing malicious orders, for example a listing of their NFTs at a near-zero price, or a blanket setApprovalForAll granting the scammer's contract control over an entire collection, and then filling those orders to take the victims' NFTs.

[Image: phishing transaction example]

6. Fake Interface Scam

Users interact with on-chain contracts, such as DApps, through contract interface calls. To make these calls readable, wallets and explorers show a method name, which they obtain by looking up the call's 4-byte function selector in a signature database. That name is chosen by whoever wrote the contract and says nothing about what the method actually does. A method named "SecurityUpdate" need not perform any security upgrade; it can simply transfer the caller's assets to the scammer.

[Image: phishing transaction example]
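A pre-signature check covering scam types 2 and 6 together, as an added example that is not code from the original post or from MetaSleuth: it decodes the calldata of a pending transaction against a table of the well-known selectors for the standard ERC-20 and ERC-721 token calls, flags approvals to an unknown spender, unlimited allowances, setApprovalForAll to an unknown operator and direct transfers to an address the user never dealt with, and reports any other selector as unknown rather than trusting the name shown for it. It also builds the approve(spender, 0) calldata that revokes a standing allowance. The selector values are the standard ones; the addresses, the policy names and the `inspect` / `revoke_calldata` helpers are this example's own constructions.

```python
"""Pre-signature inspection of ERC-20 / ERC-721 calldata.

Added example, not MetaSleuth code. A selector is the first 4 bytes of
keccak256 over the canonical signature; KNOWN holds the standard selectors.
Anything else is reported as unknown: the method name a wallet or explorer
shows for a selector is only a signature-database label.
"""
from dataclasses import dataclass

UINT256_MAX = (1 << 256) - 1

# selector -> (signature, argument types); all static, one 32-byte word each
KNOWN = {
    "095ea7b3": ("approve(address,uint256)", ("address", "uint256")),
    "39509351": ("increaseAllowance(address,uint256)", ("address", "uint256")),
    "a22cb465": ("setApprovalForAll(address,bool)", ("address", "bool")),
    "d505accf": ("permit(address,address,uint256,uint256,uint8,bytes32,bytes32)",
                 ("address", "address", "uint256", "uint256", "uint8", "bytes32", "bytes32")),
    "a9059cbb": ("transfer(address,uint256)", ("address", "uint256")),
    "23b872dd": ("transferFrom(address,address,uint256)", ("address", "address", "uint256")),
}


@dataclass(frozen=True)
class Finding:
    severity: str  # "high", "info" or "unknown"
    message: str


def _word(kind, value):
    """ABI-encode one static argument as a 32-byte word."""
    if kind == "address":
        return bytes.fromhex(value[2:]).rjust(32, b"\0")
    if kind == "bytes32":
        return bytes.fromhex(value[2:])
    if kind == "bool":
        value = 1 if value else 0
    return int(value).to_bytes(32, "big")


def encode_call(selector, types, args):
    return "0x" + selector + b"".join(_word(t, a) for t, a in zip(types, args)).hex()


def decode_call(data_hex):
    """Return (selector, signature, args); signature/args are None if unknown."""
    data = bytes.fromhex(data_hex[2:])
    sel, body = data[:4].hex(), data[4:]
    if sel not in KNOWN or len(body) != 32 * len(KNOWN[sel][1]):
        return sel, None, None
    sig, types = KNOWN[sel]
    args = []
    for t, i in zip(types, range(0, len(body), 32)):
        w = body[i:i + 32]
        if t == "address":
            args.append("0x" + w[12:].hex())
        elif t == "bool":
            args.append(int.from_bytes(w, "big") != 0)
        elif t == "bytes32":
            args.append("0x" + w.hex())
        else:
            args.append(int.from_bytes(w, "big"))
    return sel, sig, args


def inspect(data_hex, trusted):
    """Findings for calldata the user is about to sign. `trusted` holds the
    addresses (DApps, own wallets) allowed as spender, operator or recipient.
    A permit call is normally submitted by the spender; apply the same rule
    to the spender/value fields of the EIP-712 message before signing it."""
    trusted = {a.lower() for a in trusted}
    sel, sig, args = decode_call(data_hex)
    if sig is None:
        return [Finding("unknown", f"selector 0x{sel} is not a standard token call; "
                        "the name displayed for it is a lookup, not a guarantee")]
    name = sig.split("(")[0]
    out = []
    if name in ("approve", "increaseAllowance", "permit"):
        spender = args[1] if name == "permit" else args[0]
        amount = args[2] if name == "permit" else args[1]
        if amount == 0:
            return [Finding("info", f"{name}: revokes allowance of {spender}")]
        if spender not in trusted:
            out.append(Finding("high", f"{name}: spender {spender} is not a known DApp"))
        if amount == UINT256_MAX:
            out.append(Finding("high", f"{name}: unlimited allowance"))
    elif name == "setApprovalForAll":
        operator, approved = args
        if approved and operator not in trusted:
            out.append(Finding("high", f"setApprovalForAll: {operator} gets the whole collection"))
    else:  # transfer / transferFrom
        to = args[1] if name == "transferFrom" else args[0]
        if to not in trusted:
            out.append(Finding("high", f"{name}: sends tokens to unknown address {to}"))
    return out or [Finding("info", f"{sig}: arguments within policy")]


def revoke_calldata(spender):
    """approve(spender, 0): the transaction that ends a standing allowance."""
    return encode_call("095ea7b3", KNOWN["095ea7b3"][1], [spender, 0])


if __name__ == "__main__":  # constructed addresses, not real ones
    dex = "0x" + "1" * 40
    phisher = "0x" + "0" * 32 + "deadbeef"
    for f in inspect(encode_call("095ea7b3", KNOWN["095ea7b3"][1], [phisher, UINT256_MAX]), {dex}):
        print(f)
    print(revoke_calldata(phisher))
```

The revoke path is deliberately handled before the spender check: approve(x, 0) to an untrusted x is exactly what cleaning up after a phishing approval looks like, and a checker that flagged it would push users away from revoking.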

How to Stay Safe from Phishing in Web3

  • Avoid visiting suspicious websites from untrusted sources, and be especially careful with any site that asks you to connect a wallet. Many wallets and explorer extensions, MetaMask among them, warn when you open a known phishing domain.

  • Double-check the full addresses you interact with, both externally owned accounts (EOAs) and contracts. Do not assume an address is correct just because its first and last few characters look familiar. For an address you are interacting with for the first time, check its risk with tools such as AvengerDAO's risk scanner and MetaDock.

  • Regularly check and revoke token allowances. Many tools can help you with this. For example, MetaDock is a browser extension that helps users identify risky approvals by improving the token approvals management feature of blockchain explorers.

  • Use multiple wallets and keep your assets distributed. Store only necessary assets in hot wallets for daily use. Keep the vast majority of assets in more secure cold wallets, such as hardware wallets.

About MetaSleuth

MetaSleuth is a comprehensive platform developed by BlockSec to assist users in effectively tracking and investigating all crypto activities. With MetaSleuth, users can easily track funds, visualize fund flows, monitor real-time fund movements, save important information, and collaborate by sharing their findings with others. Currently, we support 13 different blockchains, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), Polygon (MATIC), and more.

Website: https://metasleuth.io/

Twitter: @MetaSleuth

Telegram: https://t.me/MetaSleuthTeam
