Security is the most important topic of BitKeep, no one. As a wallet, it is its basic mission to keep the user’s assets safe, but this process requires the user to have certain security knowledge and be able to cooperate in accordance with the official operation guide. Bankruptcy is only for a moment.
Therefore, we will list different channels and methods of fraud. Only after you are familiar with the core and routine templates of fraud, can you consciously take precautions in the process of exploring the encryption industry in the future.
Excessive authorization is very dangerous; strangers and QR codes, don’t scan if you don’t believe it; read the security prompts clearly, and you can’t tell the difference to find customer service.
Enter our first hard-hit area: dApp authorization.
DApp authorization scam
There are hidden dangers when a user needs to authorize the first interaction with a dApp. If the dApp is attacked later, it will be able to directly use its permissions to steal user assets. When a user conducts a transaction in a dApp contract, there will be an Approve button on the dApp page. The user must authorize to allow transactions, and this authorization means that the dApp contract has the right to transfer your assets. For the convenience of users, generally The default is to authorize an unlimited number of tokens. Once there is a loophole in the contract, or the contract administrator becomes greedy, all the tokens in the wallet authorized by the user will be transferred away.
BitKeep reminds that users should not over-authorize when interacting with on-chain protocols, and at the same time, they should regularly deauthorize Dapps that are not commonly used, and pay attention to preventing fraudsters from “changing vests” to avoid asset loss.
Therefore, you need to regularly clean up the permissions of dApps that are not commonly used or set an upper limit on the amount of token transfers.
The amount of each currency is about 0.01, and it promises to give users a daily income of 3%. You only need to transfer 0.01 to confirm your address.
In fact, when you scan the code to enter the counterfeit website and transfer money, it is equivalent to the authorization of the scammer to transfer the currency, and he can steal all your balance.
This is also due to the theft of assets due to authorization issues. BitKeep has made a lot of risk warnings in the product. Users must pay attention to verifying the link address when using the wallet for third-party QR code scanning/website access and authorization, or the first Time to ask BitKeep official customer service if the link is safe.
How to check authorization status in wallet
To view the DApp authorization history in BitKeep, select the public chain where the DApp is located, click [Tools], and then enter the [Authorization Detection] page;
Just paste the wallet address you want to query in the search box.