TLDR
Approval phishing is a crypto scam where victims are tricked into signing a wallet transaction that grants attackers standing permission to spend or transfer tokens. Unlike classic phishing, victims often see no immediate loss, but the...
Como funciona
Approval phishing is a crypto scam where victims are tricked into signing a wallet transaction that grants attackers standing permission to spend or transfer tokens. Unlike classic phishing, victims often see no immediate loss, but the...
Señales de alerta
- : A website or dApp asks you to "approve" or "set spending cap" before you can claim an airdrop, mint an NFT, or fix a stuck transaction. The approval request is unlimited (no custom cap) or targets a token contract you did not intend to interact with. The prompt appears via Discord, X, or Telegram link from an unverified account promising free rewards
Qué hacer
- 1: Revoke unused or unlimited token approvals regularly using tools like Etherscan Token Approvals or Revoke.cash. Never sign a wallet popup you did not initiate from a trusted dApp
- 2read the contract address and permission scope carefully. Use a separate hot wallet for interacting with new or unverified dApps, and keep long ter
Fuente
chainalysis
Fuente verificada por Mythos Forensic Team
https://www.chainalysis.com/blog/what-is-approval-phishing/FAQ
Es Approval Phishing: How a Single Signature Drains Your Crypto Wallet una estafa real?
Si. Trata el mensaje, la llamada o la solicitud de pago como sospechosos hasta que los verifiques por un canal oficial.
Cuales son las primeras senales?
: A website or dApp asks you to "approve" or "set spending cap" before you can claim an airdrop, mint an NFT, or fix a stuck transaction. The approval request is unlimited (no custom cap) or targets a token contract you did not intend to interact with. The prompt appears via Discord, X, or Telegram link from an unverified account promising free rewards
Que debo hacer primero?
: Revoke unused or unlimited token approvals regularly using tools like Etherscan Token Approvals or Revoke.cash. Never sign a wallet popup you did not initiate from a trusted dApp; read the contract address and permission scope carefully. Use a separate hot wallet for interacting with new or unverified dApps, and keep long ter
Puede LegalAudit revisar mi caso?
Si. Abre el chat gratis y pega el mensaje, el enlace, el remitente o los datos de pago para un triage.