As Web3 continues to evolve at pace, the onchain ecosystem is flourishing, with rising numbers of users participating in onchain transactions and other activities. Simultaneously, various onchain scams are emerging, with fraudsters tricking users into authorizing transactions or revealing their keys to steal assets.
To help users safeguard their Web3 security, OKX offers multi-layered security measures. We also advise users to remain vigilant and educate themselves on the threats out there, especially in high-risk scenarios.
In this article, we'll spotlight some common onchain scam cases, alongside OKX's countermeasures and user recommendations. By the end, you should be wel placed to identify and avoid major Web3 risks.
Induced authorization theft
Gaining authorization maliciously is a common tactic used to commit a Web3 scam. Here, fraudsters would create false authorization transactions to trick users into signing, thereby gaining operational control over the user's assets.
Approval authorization scams
Approval authorization scams see the criminal use methods for stealing authorization from users. Here are two common examples to look out for.
Phishing links: Fraudsters share so-called "high-yield" trading information in communities, guiding users to click on links to steal authorization for "deposit mining" or "staking airdrops."
OTC disguise: Scammers pose as OTC merchants, asking users to make a small test transfer of $1. This is actually an authorization transaction, granting them control over the user's assets.
OKX Wallet security measures
First defense: Malicious detection of login URLs, blocking access if the URL is identified as malicious.
Second defense: Intercepting authorization to externally owned accounts (EOA) addresses even if the site isn’t flagged as malicious.
Third defense: Blocking authorization to contracts identified as malicious.
Fourth defense: For specific networks (such as Tron), intercepting transactions if the signature content and description don't match.
Permit and Permit2 authorization scams
Permit and Permit2, introduced by Uniswap to save Gas fees, can be exploited by hackers to trick users into authorizing transactions.
OKX Wallet security measures
First line of defense: Clearly displays transaction types as permit authorizations, marking involved tokens, scope of permissions, and expiration times.
Second line of defense: Automatically block and prompt users to review transaction risks for potentially risky decentralized application (DApp) requests.
eth_sign authorization scams
eth_sign allows a user to sign any transaction hash, which is like providing a "blank check" on Ethereum. Fraudsters trick users into using eth_sign to construct custom transactions and steal assets.
OKX Wallet security measures
Automatic interception: Automatically identifies and blocks eth_sign transactions due to their high phishing nature.
How to protect yourself
Stay vigilant: Don't blindly follow financial advice from social media or group chats, especially those involving unknown links or supposedly high-yield projects.
Avoid interacting with unknown contracts: Verify the reliability of contract sources before authorizing them. Interact only with well-known platforms or DApps you fully understand.
Refuse unknown transaction signatures: Carefully check the authorization target and amount before approving transactions, especially for "approve" and "increase allowance" operations.
Understand new authorization risks: Although new authorizations like Permit and Permit2 save gas fees, they may pose security risks.
Screenshot and screen recording key theft
Scammers also sometimes pose as investment advisors or trading experts to trick new users into revealing their private keys or mnemonic phrases through screenshots or screen sharing.
OKX Wallet security measures
First line of defense: Disable screenshot and screen recording on sensitive interfaces and warn users of the risks.
Second line of defense: Prevent screen sharing of mnemonic phrases.
How to protect yourself
Handwrite and securely store mnemonic phrases: Record mnemonic phrases on paper, avoiding screenshots or electronic storage.
Beware of strangers requesting mnemonic phrases: Never share mnemonic phrases with anyone.
Avoid remote assistance: Dont' display mnemonic phrases or private keys during remote assistance.
Malicious airdrop theft
Fraudsters use malicious airdrops as another way of scamming users. Here, the scammer sends worthless tokens to many addresses, tricking users into interacting with phishing sites to sell these tokens, leading to asset theft.
OKX Wallet security measures
Hide suspicious airdrop tokens: Automatically hides suspected malicious airdrop tokens to prevent users from interacting with them.
How to protect yourself
Don't interact with unknown airdrop tokens: Be cautious of unknown airdrop tokens and verify their information before interacting.
Avoid logging into suspicious sites: Never trust non-official channels for selling tokens that can't be traded on regular platforms.
Similar address scams
Fraudsters create addresses similar to those users interact with, tricking them into transferring assets to the wrong address.
OKX Wallet security measures
Highlight similar addresses: We list similar addresses on the transfer page to prompt users to verify the correct address.
How to protect yourself
Carefully verify transfer addresses: Check the first and last few characters of the address before transferring.
Support address labels: Use address labels to quickly identify and avoid errors.
Project team exit scams
Some project teams may misuse user authorizations to transfer assets before disappearing, leaving users with nothing.
OKX Wallet security measures
Authorization reminders: Reminds users to cancel unnecessary authorizations for DApps not used for a long time.
How to protect yourself
Be Cautious with authorizations: Don't easily authorize DApps or contracts, especially those promising "high returns" or "no risk."
Regularly manage authorizations: Regularly check for and cancel DApp authorizations that haven't been used in a long time.
Rug pull scams
Similar to project team exit scams is the rug pull. Here, fraudsters promote tokens to attract users, then manipulate prices higher so they can exit with a massive gain. Meanwhile, users are prevented from selling their assets, causing losses.
OKX Wallet security measures
Risk assessment interception: Our built-in engine evaluates token risks and blocks high-risk purchases.
Onchain risk detection: Provides risk token detection for supported chains.
How to protect yourself
Be aware of rug pull risks: Verify token information on official platforms before purchasing.
Avoid following the hype: Stay cautious and don't participate in hype, especially if it's a project you're not familiar with.
The final word
Crypto scams are constantly evolving, presenting traders like you with new threats to understand and mitigate. Taking the time to regularly educate yourself about new risks and how to manage them is key, and we're here to help.
Read our guide on how to spot crypto scams in 2024 for more insight, and check out our wider scam guides to understand other crypto threats.
© 2025 OKX TR. This article may be reproduced or distributed in its entirety, or excerpts of 100 words or less of this article may be used, provided such use is non-commercial. Any reproduction or distribution of the entire article must also prominently state:"This article is © 2025 OKX TR and is used with permission." Permitted excerpts must cite to the name of the article and include attribution, for example "Article Name, [author name if applicable], © 2025 OKX TR." No derivative works or other uses of this article are permitted.
