Security Alert: Beware of New Wallet Authorization Phishing Scams on X Platform Masquerading as AML Checkers

New Phishing Scheme Targets Crypto Wallet Authorizations

The cybersecurity landscape witnesses a sophisticated new threat. According to an alert from security firm GoPlus, a series of elaborately crafted phishing campaigns have emerged on the X platform. Instead of crude links, scammers are now using promotions for so-called 'Black U' (illicit digital currency) channels and fake 'Anti-Money Laundering (AML) checking' websites as bait. Their ultimate goal is singular: to trick victims into approving malicious digital wallet authorizations.

Anatomy of the Scam: From Hosting Platforms to Interaction Traps

Detailed investigation by security experts reveals these phishing sites are deployed on common code hosting platforms like Vercel, leveraging their legitimate appearance to lower users' initial guard. The website interfaces often mimic genuine services, making them highly deceptive. The scam's core mechanism involves luring users into connecting their wallets or signing transactions. Once a user approves a malicious authorization, attackers can bypass the user to directly control wallet assets, leading to instant fund drainage.

Your Essential Security Defense Guide

Proactive defense is critical against evolving online threats. The GoPlus security team recommends a multi-layered approach:

• Opt for Secure Trading Channels: Avoid high-risk private peer-to-peer transactions whenever possible. For fiat-to-crypto exchanges, prioritize using the official OTC (Over-The-Counter) services offered by reputable centralized exchanges, which typically have better risk controls and dispute resolution.
• Maintain Link Skepticism: Treat any unsolicited link, especially those shared via social media, direct messages, or unfamiliar groups, with extreme caution. Do not click readily and never enter sensitive information.
• Remember the "Four Don'ts" Anti-Phishing Rule: This is your fundamental defense line:
  • Don't click unfamiliar links.
  • Don't install software or browser extensions from unverified sources.
  • Don't sign transaction requests with unclear content or dubious origins.
  • Don't transfer funds to addresses that haven't been thoroughly verified.

The security of digital assets starts with user vigilance. While enjoying the benefits of blockchain technology, it's crucial to consistently practice these safety habits to effectively safeguard your wealth.