Maria Irene
With the rising popularity of the platform “friend.tech,” Olly’s interest was piqued. After partially exploring it on his mobile device, he decided to continue the adventure on his computer. Sleepy-eyed and with the enthusiasm of many years in the blockchain space, he typed “friends” instead of “friend.” What seemed to be a trivial mistake led him to “friends dot tech,” a website with a sinister agenda.
Upon arrival, the site promptly asked Olly to connect his wallet. In a moment of trust and anticipation, he complied, unknowingly stepping into a well-crafted trap. The site took over his wallet, swiftly requesting permissions and attempting to drain tokens from various chains.
In the blink of an eye, Olly’s wallet was drained of Dino tokens, and an attempt was made to raid his Don tokens on the BSC chain. Fortunately, the damage was contained, and the vast collection of NFTs remained untouched.
The quick-thinking Olly sprang into action, researching and finding ways to revoke the tokens. The prompt response undoubtedly saved him from further loss. These days you can go to Etherscan or BscScan and revoke access to tokens. Although this is a beta feature, you can still do it. There are plenty of other sites, and the one most commonly used is EverRevoke. You can go there, go to multiple chains, and revoke access. If you have given away your seed phrase or private keys, immediately move your funds out, and there’s no point in revoking.
But even after revoking access to tokens, the best practice is to gradually move your funds out to a safer wallet with no history of it being compromised.
What Can We Learn?
Always Verify URLs: Even a single character can lead to a phishing site. Always double-check the URL you are accessing.
Be Cautious with Wallet Connections: Never hastily connect your wallet to unknown sites. Take a moment to research the platform before granting any permissions.
Revoking Tokens Is Possible: If you find yourself in a similar situation, remember that it’s possible to revoke smart contract allowances/token approvals. However, it’s best to consult with a professional or follow a trusted guide.
Consider Changing the Wallet: Although Olly chose to continue using his wallet, it might be wise for others to change their wallets if faced with a similar situation.
Stay Educated and Informed: Continuous learning and staying abreast of the latest security measures can be your best defense against scams and phishing attacks.
This incident serves as a potent reminder of the ever-present threats in the digital world. Whether a seasoned veteran or a newcomer to the crypto space, nobody is immune to the risks. The experience shared by Olly is not just a story of loss and recovery but a lesson for all of us to stay vigilant and informed.
If you have ever visited “friends dot tech” or other suspicious sites, please be cautious and consult with a security expert if needed.
Stay safe online and continue to explore the vast opportunities in the crypto world, but never let your guard down. The next phishing site could be just one typo away.
