
12 common attack vectors that you probably didn't know (second part)


As we discussed in our last post, there are common methods that scammers use to attack us. They make contact through the apps and websites we use in our daily routine, so it's very important to know them. Let's complete the list to avoid scams.

7. Fake Uniswap airdrop, V3, sync, etc

Fake Uniswap stealing seed:


Fake Uniswap airdrop:

NEVER enter key or phrase! Especially in some dodgy site!

Uniswap clones that prompt you about a node sync or version upgrade are scams.

Fake Uniswap airdrop on Twitter

Remember on DISCORD:

8. Compromised device

Never mine crypto and use a wallet on the same device.

Always use 2FA. The best bet is to have a separate Chromebook, MacBook or PC/laptop that is not for everyday use, only for crypto.

This can be a scary one. You copy and paste the “correct” wallet address, but malware replaces it with the scammer's wallet address!

Or a hacked PC where signing one transaction actually signs TWO transactions, one hidden in the background! OUCH!

- Or a modified background.js or MetaMask that approves a hidden transaction EVEN WITH LEDGER.

Another example

- Fake Uniswap ICO site, with a dodgy .exe (TeamViewer RAT, hidden silent deploy)

9. Fake Ledger and Trezor support

Ledger does not phone you. Nor do they want your backup phrase in a dodgy portal.

Fake Ledger:

Fake Trezor:

10. SIM swapping

If you notice GSM service disruptions, always assume a SIM hack!

Use an authenticator app, not SMS!

⚠ Enable SINGLE DEVICE MODE to prevent 2FA app being cloned (AUTHY)!

11. Social engineering attacks and sextortion

Be careful who you chat with and who is asking you for your mother's maiden name or your first pet.

Make sure to scrub metadata from photos before sharing.

(i.e. I have a video of you doing bad stuff, send BTC to avoid getting exposed)

If you get an email claiming that somebody has a shameful video of you and extorting you, it is a scam.

12. Fake wallets and Google Play Store apps

For example, TRON does not have an app yet, but hackers are uploading FAKE Tron apps to the Google Play Store, promising an airdrop.

Fake Polkadot
Fake Tron Airdrop
Fake Balancer app

Fake Google Play Uniswap app wallets

NEVER ENTER SEED OR KEYS!

Fake software updates

DON'T DOWNLOAD ANYTHING FROM LINKS YOU GOT IN DMS!

 

Fake Graph foundation "mandatory" update (Remcos RAT)

Fake MetaMask

MetaMask users are often lured, via various methods (email spam, scam DMs, Twitter DMs, Telegram and so on), to fake sites that prompt them to enter their seed phrase.

 

Another MetaMask scam:

Another variation of a MetaMask scam

 

Another one


What else would you like to learn? Leave us a message on Twitter or Telegram.
