{"id":18923,"date":"2022-05-03T06:10:03","date_gmt":"2022-05-03T14:10:03","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/05\/03\/news-12656\/"},"modified":"2022-05-03T06:10:03","modified_gmt":"2022-05-03T14:10:03","slug":"news-12656","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/05\/03\/news-12656\/","title":{"rendered":"Airdrop phishing: what is it, and how is my cryptocurrency at risk?"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Tue, 03 May 2022 13:16:23 +0000<\/strong><\/p>\n

Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3\/NFT\/cryptocurrency popularity, and ensures scammers get a slice of the money pie. You may well have heard the term in passing, and wondered what an Airdrop is. Is your iPhone about to be Airdrop phished?<\/p>\n

It doesn\u2019t really help that the term tied up into lots of new forms of tech you might never have experienced directly. It\u2019s one of those odd scams, doing weird things, to accounts you have no idea about.<\/p>\n

Fret no more, because we\u2019re going to walk you through an actual Airdrop phish example. No apes were harmed in the making of this documentary.<\/p>\n

What is an Airdrop?<\/h2>\n

Confusingly, the term has multiple uses jostling for attention. The older, more familiar term is the one related to Apple devices. An Apple Airdrop is where Bluetooth is used to send files<\/a> to other people. If you\u2019re not an Apple user, it\u2019s likely you\u2019ve only ever seen Airdrop in relation to trolling<\/a>. If you\u2019re out and about, you may walk into an unintended crossfire of memes<\/a>, and in the worst case scenario, it might be objectionable unsolicited images<\/a>.<\/p>\n

In terms of security concerns specifically, research has shown how it could potentially aid spear phishing<\/a> in the right circumstances. Crucially, none of these things are related to the Airdrops we\u2019re talking about today<\/em>.<\/p>\n

What type of Airdrop are we talking about?<\/h2>\n

The Airdrops of the moment are promotional tactics aimed at cryptocurrency\/Web3 people. Airdrops typically reward early adopters of certain currencies or communities. This type of reward can also be given out as no strings attached freebies to anyone who wants in on the action, and they\u2019re great ways to keep people emotionally invested in their Web3 activities. There\u2019s a lot of real world examples listed here<\/a>.<\/p>\n

In terms of how you receive<\/em> the Airdrop, there are a few different ways. Those early adopters may find the free Airdrop distributed to their address automatically, assuming they have some level of investment in the service giving it away. A big red flag is when a supposed Airdrop asks for funds (for a freebie?), or even worse, your login\/recovery phrase.<\/p>\n

Nobody should ever<\/em> be asking for that.<\/p>\n

Airdrops are very popular, and this is where phishing attacks come in.<\/p>\n

Common Airdrop phishing tactics<\/h2>\n

Airdrop phish pages try to ensnare as many cryptocurrency users as possible. No matter how obscure your digital currency of choice is, or how unusual your wallet is, there\u2019s a scam just waiting for you.<\/p>\n

Our bogus site below is quite slick looking, complete with ticker at the top. \u201cClaim reward bonus\/Airdrop\u201d, they implore.<\/p>\n

\n
\"\"
An Airdrop phish<\/em><\/figcaption><\/figure>\n<\/div>\n

Hitting the button takes you to the select a wallet page. There is, quite simply, a ridiculous amount of wallets and services listed. MetaMask, Solflare, Binance, Digitex, Argent, the works. If you use any form of cryptocurrency wallet or service, there\u2019s a good chance it\u2019s on the list somewhere.<\/p>\n

\n
\"\"
Wallets galore<\/em><\/figcaption><\/figure>\n<\/div>\n

Clicking any of the wallets results in you being informed that an error has occurred. Connecting manually is what you\u2019re now asked to do. From here, you\u2019re asked to send them your phrase, private key, or keystore.<\/p>\n

Hitting connect pauses the site for a second, then dumps you onto a 404 Page not found containing \u201csent\u201d in the URL. At this point, it\u2019s probably a good idea to hope the 404 is genuine and nothing has been sent to the scammers.<\/p>\n

Some sites target users of one wallet only. Here\u2019s one targeting MetaMask users, asking for their recovery phrase:<\/p>\n

\n
\"\"
“Type your secret phrase…”<\/em><\/figcaption><\/figure>\n<\/div>\n

As MetaMask’s official support says:<\/p>\n

\n
\n
\n

To get support, open MetaMask and navigate to \u201cSupport\u201d or \u201cGet Help\u201d within the dropdown menu. Do not trust anyone who has sent you a direct message. UNDER NO CIRCUMSTANCES should you ever give your Secret Recovery Phrase to anyone or input it into any site!<\/p>\n

— MetaMask Support (@MetaMaskSupport) April 29, 2022<\/a><\/p><\/blockquote>\n