Unveiling the Latest Scam of ImToken
Unsuspecting users are being lured into phishing scams posing as the Imtoken wallet. The phishing sites appear as top ads on Google search results, threatening users’ digital assets.
The Imtoken wallet allows users to store various cryptocurrencies. It offers security features such as private key local secure storage and asset visibility. It also supports staking.
Phishing Scam
Scammers have been abusing the trust of imToken users, attempting to steal their digital assets. They trick them into downloading fake wallet apps, luring them to deposit their USDT and then stealing the coins. They also use their phishing contract to falsely forge the transaction record of the USDT top-up.
These scams take advantage of the fact that many people have a habit of copying addresses from the transfer history. Scammers know this, so they generate fraudulent addresses with the same last characters as the user's transfer address. If a user accidentally transfers their assets to this address, they will lose the funds.
To prevent this, imToken has updated its security system to filter out transactions under 0.1 USDT/USDC/DAI in ETH wallets. It is also recommended that users double-check the wallet address before transferring funds to any addresses.
Ransomware Scam - A type of online fraud where a scammer gains access to the victim's computer systems and private data, encrypts it, and then demands a ransom in cryptocurrency.
Telegram Scam — Scammers set up fake imToken fan groups on Telegram and guide users to add fake imToken customer support friends, in an attempt to get them to reveal sensitive information such as their mnemonic phrases or private keys. The team of imToken warns all users to be vigilant in group chats and not to share their personal information with strangers.
Fake Wallets
The thriving cryptocurrency industry has seen a number of scams that lead to losses of digital assets. This is because novice crypto users are easily tricked by fake official websites and Apps, which steal their transfer authorization information. This can be a big problem as many users are unaware of this issue and will unknowingly send their assets to the scammer’s wallet.
Scammers have also used fake transfer pages to cheat users by forging transaction records on the blockchain. This can lead to the creation of fake USDT transactions that show up in their wallets without the user’s knowledge. This can lead to a situation similar to what happened to a victim in California, who lost thousands of dollars in one transaction.
To combat these threats, imToken has upgraded its risk warning system to alert users when they sign a message that contains a link to a fake transfer page. This is to prevent the loss of users’ assets due to this phishing scam. The company has also created a new version of its wallet that includes a “token approval” feature that allows only authorized accounts to access the account. This feature will ensure that only genuine users are allowed to use the wallet, thus preventing the spread of malicious activities on the platform. The company will continue to update the wallet and improve security features to protect its users.
Wallet Permission Manipulation
Scammers have been stealing users’ assets by changing their TRX wallet account permissions. These scams have been carried out by luring users to download a fake imToken App. Using this method, scammers are able to steal their users’ mnemonics and change their transfer permissions. Those changes are irreversible on the blockchain, so users lose control over their assets. This type of attack is known as Addresses with the Same Last Characters scam.
To avoid falling victim to this scam, users should always check their transaction history and their wallet permissions. Moreover, they should never use public Wi-Fi to access their wallets. This is a common way for hackers to exploit a user’s wallet. Keeping your wallet updated with the latest version of imToken can protect you from these types of attacks.
Another way for scammers to steal users’ assets is by manipulating the SetApprovalForAll function in their MetaMask wallets. This allows attackers to create a malicious contract that will internally trigger the SafeTransferFrom function and steal tokens from their wallets.
This is a type of attack that is more dangerous than phishing. It is more sophisticated and takes advantage of the features provided by smart contracts. Smart contracts are coded on a blockchain and offer security, permanence, and immutability. They can be manipulated to perform malicious functions, and these functions are difficult to detect.
TRON Wallet Authorization Record Falsification
Although it is possible to create any token on the blockchain, imToken has a system that detects these tokens and warns users when they try to transfer them. It also filters them so that they cannot appear on the wallet page to protect users from falling victim to them.
Scammers often generate addresses with the same last characters to trick users. When a user makes a transaction, the fraudulent address appears in their transaction record, and if they don’t check it carefully, the scammer can steal their assets. This is known as the Addresses with the Same Last Characters Scam.
Another common scam involves fraudulent multi-signature wallets. Scammers acquire a user’s private key and use it to create a multi-signature wallet in which they control the funds. The scammers can then make transactions in the user’s account and transfer the user’s assets to their own.
The Securities and Exchange Commission has filed charges against Tron founder Justin Sun and three of his wholly-owned companies for fraud, false advertising, and wash trading. The SEC alleges that Sun and his companies orchestrated a scheme to tout TRX and BitTorrent (BTT) through extensive wash trading and paid celebrities to do so without disclosing their compensation. In addition,The official download of Imtoken2.0 , they engaged in illegal market manipulation to artificially inflate the price of the two coins.