In early October, scammers were buying Ad spots and bidding for Ad rank in search engines. By doing so, they lured users to download fake wallet Apps on fraudulent websites. This led to users’ tokens being stolen. Some victims who couldn’t figure out the reason reached out to us, saying “My wallet was drained but my password was not compromised”
Many novice users of decentralized wallets will meet problems about the relationship between their password and digital token security. They mistakenly believe that their tokens are safe as long as their password is not compromised. In fact, mnemonic is the key to keeping digital tokens secure. Once it is known to others, they can drain your wallet without knowing your password.
Here is an example showing the relationship among your mnemonic, password, and digital tokens.
A decentralized wallet created by you is like a bank under your control. Your mnemonic or private key is the key to unlock the vault of that bank. This shows how important the key is. In this sense, it should be kept in a safe place such as a strongbox. The password for that strongbox is the one you created for your wallet.
The process of making transactions with a decentralized wallet is similar to getting money out of the vault of a bank. To finish that process, we need to open the strongbox with our password to get the mnemonic or private key, which is required for unlocking the vault.
Through the above example, could you come to the conclusion that your mnemonic or private key is crucial to the token security of your decentralized wallet? On the blockchain, mnemonic represents token ownership. Given that, with your mnemonic, others can steal your tokens away without knowing your password.
Information including the mnemonic and private key of a user is secretly uploaded by fake wallet Apps to scammers. That is why his tokens will be stolen after he downloads those fake Apps. However, the real wallet does not store this information about the user. Only users themselves know the mnemonic or private key of their wallet. That's why it's important to download a genuine imToken!
Check out the two articles below to know the right way to download imToken:
imToken is always protecting your tokens security
Upgraded Authorization Notification
Authorization scams are a typical kind of fraud. Scammers lure users to authorize a personal address and then steal users’ tokens. To tackle those scams, imToken has enhanced the authorization risk warning to resolve the address in advance. In this way, users can tell whether it is a personal address or a contract address. During the authorization of a personal address, the warning page will pop up, strongly suggesting users to cancel the authorization.
Address book
Recently, scams involving addresses with the same last characters are quite rampant. To avoid those scams, in addition to checking the receiver’s address before transferring to it, we recommend you to use the address book to keep the frequently used addresses. In this way, you can avoid transferring to a wrong address.
How to use the address book?
Set up your address book
Open imToken and click “My Profile” - “Address Book”. Then, click the “+” icon at the top right corner to add addresses.
Note: please check whether the added addresses are correct or not before clicking “save”.
Make transactions with the address book
Here is an example to transfer USDT with the TRX wallet. First, choose USDT and click “Send” to enter the transfer page. Then, click the icon on the right side to enter the address book where you can find the address. After entering the amount and checking the transfer details, you can click “Next” and enter your password to complete the transfer.
Risk Control
In October, 22 tokens, 393 DApps and 756 addresses were marked by the imToken security team as risky.
If you recognize any risky DApps or tokens, please report to us via support@token.im to help more users avoid being deceived.
About imToken
At imToken, we are committed to equipping our users with security knowledge and providing security solutions to safeguard their tokens, thus creating a safe and sound crypto ecosystem.
imToken is a digital token management tool with personal touch and accountability. It undergoes rigorous security audits and deploys sophisticated risk control measures to guarantee the safety of user tokens. It is now serving more than 10 million blockchain enthusiasts from over 150 countries and regions.
Visit https://token.im/download to download imToken.