Recently, there's been a surge in demand for vanity wallet addresses with special sequences like 88888 or 66666. However, this trend has also attracted scammers. They use mining machines to generate these addresses and sell them while retaining the private keys, allowing them to steal assets once users transfer funds to these vanity addresses.
Nick, a cryptocurrency investor, found someone selling vanity wallet addresses with the unique digits 66666 and 88888 in a discussion group. The seller claimed these addresses are memorable and bring good luck and wealth, showing satisfied buyers as proof. Fascinated by vanity numbers and plates, Nick found the idea appealing and decided to buy one. The seller quoted a price of 0.1 ETH for the address.
Despite thinking the price was high, Nick decided to buy the special address. He transferred 0.1 ETH to the seller, who then sent him the private key and related information. Excited, Nick transferred his ERC20 tokens to the new address.
A few days later, when Nick planned to use his tokens, he discovered they were missing from his vanity wallet. Shocked and angry, he checked the transaction records and saw the tokens had been transferred to an unfamiliar address shortly after he deposited them. He tried to contact the seller, but received no response. Desperate, Nick posted on Twitter for help, only to realize he had fallen victim to a vanity wallet scam.
The scammers had retained the private keys when they used mining machines to create these vanity wallet addresses. After selling the addresses, they waited for the victims to transfer tokens to them and then used the retained private keys to easily steal the cryptocurrencies.
In the same last character scam, scammers use mining power to generate an address with the same last character as the user's wallet. They transfer a small amount of money from this disguised address to appear in the user's transaction record. If the user copies the address from the record and only checks the last character, they might mistakenly use the scammer's address, leading to token loss after the transfer.
PSA:
- Do not use wallet addresses from unknown sources. Generate your own wallet addresses to ensure the security of your private keys.
- Stay vigilant to avoid falling victim to similar scams.
imToken Is Always Protecting Your Token Security
In June, imToken marked a total of 8567 risky tokens, banned 1701 risky DApp websites and marked 1377 risky addresses.
In addition, if you find any suspiciously risky tokens or DApps, please contact us: support@token.im to help more users avoid token losses.
Closing Thoughts
With scams continually evolving, it is indeed challenging for average users to fully prevent them. imToken is committed to rapidly detecting issues and finding solutions, providing timely messages to the community, and educating users about various types of scams to protect them from losses.
We encourage you to read and share imToken Wallet Security Monthly Report and join hands with imToken to safeguard your token security.