Breaking down the ongoing token impersonation scams with DeFi execs

Published on:

Decentralized finance (DeFi) protocol Tres Finance warned the community about a scam that involves fake tokens designed to mimic legitimate transactions.

In an interview, Tres Finance co-founder Tal Zackon and the company’s technical lead, Idan David, shared the details of a scam using fraudulent transactions that imitate legitimate ones. According to the duo, the scammers attempt to lure unsuspecting users to copy the wrong wallet address and send their transactions there.

David further explained that scammers often identify and target wallets with large amounts of stablecoins like Tether (USDT) or USD Coin (USDC). Once the scammers are locked on to their targets, they create similar-looking wallet addresses and create tokens that imitate the legitimate ones. David explained:

“So, they’re creating a new token that has the same symbol as the original token, and they can create fictitious transactions with tokens that are not marked as scam assets by Etherscan.”

The scammers then create a transaction that mimics legitimate transactions from the wallet address prefix to the number of tokens sent to the address. This makes it look like their target has been the one constantly sending transactions to the wallet address they planted. Through this, people who are using their transaction history to get wallet addresses are at risk of sending it to the scammers. 

Example of a scam transaction (above) designed to mimic a legitimate transaction (below). Source: Tres Finance

Zackon warned businesses not to use explorers to track their finances. “Do not use explorers to track your financial movements. You have to use a dedicated system that will help you verify the asset and verify the third party that you’re engaged with,” he said. 

Read more:  Wormhole Bridge's Threat Actor Moves $155m Through DEX

Related: CertiK receives $500K bounty after Sui blockchain threat discovery

The executive extended the warning to end-users as well. According to Zackon, he would recommend keeping track of a spreadsheet of the addresses that they are working with. In addition, the Tres Finance co-founder said that it would be better to “double-check each and every transaction” and the addresses that users are engaging with.

On Jan. 12, wallet provider MetaMask issued a warning about a similar scheme called address poisoning. With this, scammers send tokens worth $0 to wallets using vanity-generated wallet addresses with similar first and last characters to their targets. This populates their transaction history with fraudulent transactions, hoping that the user will make the mistake of copying and pasting the wallet address when sending a transaction.

Magazine: Should crypto projects ever negotiate with hackers? Probably