A crypto trader recently lost a whopping $35 million in just a few minutes due to a sneaky scam. This wasn’t a hack or a market crash, but a social engineering attack that tricked the trader into signing a “permit” signature.
How the Scam Worked
The scammer used a phishing technique to convince the trader to sign a permit signature, essentially giving them permission to access their funds. Once the trader signed, the scammer quickly sold off the stolen crypto, causing the price to plummet.
This type of scam has become increasingly common in the crypto world, with attacks on protocols like PAC Finance and Orbit Finance.
The Permit Signature Problem
Permit signatures were introduced to make crypto transactions more efficient. They allow traders to approve transactions off-chain, saving them money on gas fees. However, this convenience comes with a risk.
Unlike traditional on-chain approvals, permit signatures don’t display warning signs, making them easier for scammers to exploit. They can trick users into thinking they’re simply signing into a website, when they’re actually granting access to their funds.
Phishing Scams: A Growing Threat
Phishing scams are a major problem in the crypto space. These scams often involve fake accounts on social media platforms like X (formerly Twitter), where scammers post fake links or messages designed to trick users into giving up their login information or signing malicious contracts.
In recent months, thousands of crypto users have fallen victim to phishing scams, losing millions of dollars. One of the most common tactics is to use fake Google ads that lead users to websites that steal their crypto.
Stay Safe: Be Aware and Be Careful
It’s important to be aware of the risks of phishing scams and to take precautions to protect your crypto. Here are a few tips:
- Double-check links before clicking. Make sure the link is going to the official website of the service or platform you’re trying to access.
- Be wary of unsolicited messages. Don’t click on links or open attachments from unknown senders.
- Never share your private keys or seed phrases with anyone.
- Use a strong password and enable two-factor authentication.
By staying vigilant and taking these precautions, you can help protect yourself from becoming a victim of a crypto scam.