A user asks: A guy asked me to scan a QR code and transfer 1 USDT to him. I did what he said then all my USDTs were sent out from my wallet without my consent. How did that happen?
Another user asks: An imToken official told me I could earn rewards by depositing tokens into imToken. I did as instructed because it was a good opportunity to grow money. After transferring money to imToken, however, my wallet was drained.
imToken: That guy is a scammer, and the so-called ‘imToken official’ is an impersonator. They tricked you into approving him to drain your wallet.
- Scammers usually send you a QR code or impersonate imToken officials to trick you into granting them token approval authority.
- Token approval allows a third party to transfer assets from your wallet without consent.
- Check whether you are giving an unlimited token allowance whenever you are performing a transaction.
- Use tools like TRONSCAN and Etherscan to check and revoke token approvals.
How can a scammer drain your wallet without your consent? The answer is token approval.
What is Token Approval?
Google Play offers a family payment method through which your family members’ purchases, such as books and movies, are charged directly through your account. Even if your family doesn't know your Google Play password, they can still use your money.
Token approval is similar. When you unconsciously give a scammer the token approval authority, they can move your funds to their wallets without knowing your mnemonic or password.
And scammers often use QR code payment and liquidity mining tricks to scam crypto investors. Let’s take a closer look at each of these tricks.
QR Code Payment Trick
Here, scammers lure you to scan a QR code or click a link, which opens a scam website mimicking the transfer page of your wallet app. The site takes you through an imitation of the familiar transfer interface. Instead of the transaction confirmation, a window for approving unlimited token balance shows.
Note: You can distinguish between real and fake transfer pages by checking the icon in the upper right corner of a page. The icons in the top right corner of a fake page are "..." and "X," while that of a real page is a QR code scan icon.
In addition, imToken has newly designed the signing experience in the latest version and implemented more robust measures against such scams. Now, when you sign such a transaction, the system recognizes it as an authorized transaction, categorizes it as risky, and reminds you not to participate to avoid loss of assets.
Scammers impersonate imToken officials on channels such as Telegram, WhatsApp, Youtube etc. and offer you a salivating investment opportunity, such as depositing USDTs into imToken and participating in liquidity mining or staking to get guaranteed daily earnings; the more tokens you deposit, the higher the rate of return.
Some scammers even tell you that no principal is required; pay some miner fees to join the network, then receive a stable income. Sounds too good to be true? Well, it probably is!
When you confirm a transaction on the scam website to start the so-called liquidity mining or staking, you give the scammer unlimited token allowance.
So when you make a transaction or invest in a project, please pay attention to whether the "Approve Allowance" page pops up in the app, and stay alert.
- imToken officials will never chat with you on Telegram, WhatsApp and Youtube.
- imToken is a self-custodial wallet, so there is no such thing as an "Official Address" or "Address of imToken Financial Department." If someone tells you this address belongs to imToken, he must be a scammer.
In response to such scams, imToken has further optimized the signing experience in its latest version and enhanced security measures. When users sign such transactions, the system identifies them as authorized transactions and alerts them about the potential risks, thereby preventing asset loss.
How to Check Whether You Have Approved a Third Party to Transfer Your Tokens
Approve scams are common on Ethereum and TRON blockchains. This blog explains how to check and cancel the approval of your ETH and TRX addresses respectively.
Ensure you have at least 30 TRXs in your wallet for transaction charges. If not, please purchase some through exchanges and transfer them to your imToken TRX wallet, or contact us in the App for help.
1. Open your imToken TRX wallet, and switch to the browser page.
2. Enter "Browser" in the search bar, click "Blockchain Browser" -> "TRX" and select a wallet.
3. Scroll the page down and click "Approval," then all third-party addresses you have approved will be displayed on the page. If you find the "Approved amount" of an unknown address is unlimited or 999999…, it is likely to be a fraudulent address. Please revoke the approval immediately!
4. Click "Cancel" to revoke the approval. After the token allowance is successfully removed, the status will change from "Cancel" to "Canceled."
5. Check all your approval records to ensure all your unlimited token allowances are canceled.
Ensure you have at least 0.02 ETH in your wallet for transaction fees. If not, please purchase some through exchanges and withdraw them to your imToken ETH wallet.
Note: When withdrawing assets, please select "Ethereum Network" as your withdrawal network.
1. Open your imToken ETH wallet, and switch to the browser page.
2. Enter "Approval" in the search bar and click "Token Approval."
3. Click "Connect to Web3" -> "WalletConnect" ->"imToken." After the wallet is successfully connected to Etherscan, return to the previous page. It should display "Connected."
4. Scroll down the page to see the addresses and quantities you have approved under "Approved Spender" and "Allowance."
The picture below shows that the "Approved Spender" of my address includes Uniswap, SushiSwap, etc. This is because when I trade in DEXs, I must approve first to allow DEXs to complete token swaps.
5. However, if you find an unknown address in your "Approved Spender" list, it is likely to be a fraudulent address. Please revoke the approval immediately. Click "Revoke" on the right side of the address, then click "Revoke" again on the pop-up page and confirm the transaction.
6. Click "View your transaction". If the "Status" reads "Success," you have successfully canceled the approval.
Note: If your "Status" reads "Pending," please wait for it to change to "Success."
As we wrap up our exploration of unauthorized USDT transactions, the significance of staying informed and proactive cannot be overstated. The insights gained into approve scams and scam victim experiences are crucial elements in the ongoing battle against crypto fraud. By raising awareness, understanding the tactics at play, and bolstering protective measures, we collectively contribute to a stronger defense against unauthorized access and potential loss. Let these lessons guide us as we traverse the dynamic world of digital assets.
Contact us in the App or email us via [email protected] when in doubt.