1. Home
  2. Safety Knowledge
  3. DApp authorization scam

DApp authorization scam

BitKeep always attaches great importance to crypto security. As a wallet, it is a basic mission to keep users’ assets safe and this requires the user to have a certain knowledge base and be able to cooperate in accordance with the official guide.

In the following paragraphs, we will list different types of scams for reference. Only after you are familiar with all these tricks, can you explore the crypto space more safely in the future.

Excessive authorization is quite risky and it is suggested that you don’t scan a QR code if there is any uncertainty. Also, read the security prompts clearly and reach out to BitKeep customer service if you are not sure about it.

Let’s enter our first hard-hit area: DApp authorization.

DApp authorization scam

There are hidden dangers when a user needs to authorize the first interaction with a DApp. If the DApp is attacked later, it will be able to directly use its permissions to drain users’ assets. When a user initiates a transaction in a DApp contract, there will be an Approve button on the DApp page. The user must authorize to allow transactions, and this authorization means that the DApp contract has the clearance to transfer your assets. For the convenience of users, it is generally allowed to authorize an unlimited number of tokens by default. If there is a loophole in the contract, or the contract administrator becomes greedy, all the tokens in the wallet authorized by the user will be drained away.

BitKeep suggests that users should not over-authorize when interacting with on-chain protocols, and meanwhile they should regularly reauthorize Dapps that are not commonly used, and stay alert to avoid asset loss.

Users need to regularly reconfirm the permissions of dApps that are not commonly used or set an upper limit on the number of token transfers.

Rebate scam

The amount of each currency is about 0.01, and it promises to give users a daily profit of 3%. You only need to transfer 0.01 to confirm your address.

As a matter of fact, when you scan the code to enter a phishing website and transfer assets, it is equivalent to authorizing scammers to share your assets and they can reap all your profits.

Such kind of asset loss is due to authorization issues and BitKeep has made relevant risk warnings for your consideration. Users should verify the link address when using the wallet for third-party QR code/website access and authorization, or reach out to BitKeep official customer service and confirm if the link is safe.

How to check the authorization status in wallets

To view the DApp authorization history in BitKeep, simply select the public chain where the DApp is located, click [Tools], and then enter the [Authorization Detection] page;

Just paste the wallet address you wish to query in the search box.

Related Articles

Leave a Reply

Your email address will not be published.