Fake token swap targets Decrypt users; stay ahead of phishing malware links.

Last night I receive a pop up email notification from a so called claimed Decrypt source newslet which prompt Decrypt registered email readers to claim it new ERC token DCPT token.

DCPT Token is Here!
We're excited to announce that the DCPT Token is now available. This marks a pivotal moment as we transition to a more robust and community-driven platform. Our new ERC token is ready to usher in a new era for Decrypt.

The sender attached a phishing link for users to claim their DCPT token reward which automatically redirects these users to a different website, sadly some users might likely fall for this by leaving their information or connecting their wallets to these phishing link which will probably drain their funds, in response to this Decrypt have published an article warning public users about this new circular sending phishing links to users which could possibly wipe off their funds.

Image source

Decrypt token DCPT is an ERC-20 based that rewards users for reading content and interacting within Decrypt mobile app this token was incentivise to boost users engagement on their platform as well as give user the experience of getting rewarded for their activities on the news source app. The token is not tradable and not listed on any exchange.

The sender leverage on Decrypt delay in launching their token on any exchange, since most users have been accumulating DCPT token since 2021, the sudden news of claim on new ERC could spark excitement for holders to connect their wallet without double checking for fake compromising links.

Centralization data scraping

Its easier to target such large number of user base who are crypto inclined with token claim, since majority of Decrypt users could interact with crypto wallet, the airdrop dispatcher who claim to be Decrypt handler must have in some way have access to information of large number of users who get daily crypto news from Decrypt newsletters.

Data scraping have always been a problem in centralized based systems, users who must have entrusted their data get their information breach in some case these information are sometimes sold to bigger advertising companies to target users for ads sharing to attract more customers.

Since users in the centralized space need to always undergo some verification before their accounts are verified on most centralized systems we will continue to witness such occurrence of mass phishing email links sent out to users it is now becoming a norm for all centralized users to account for safety of their accounts as phsing link sending are inevitable for centralized based applications.

safety tips against phishing link

The best safety tips for centralized data scraping and phishing link is owing your keys and right to control your information which decentralization is here to offer, since it may take some good time for the world to go fully decentralized we need to take some safety measures to protect out account from getting hacked.

1. Double check the URL: First step to always protect your account is cross checking for fake URL check misspelling in domain name before clicking on any link verify the sender are from official account holders.

2. Examine email address: the fake so called Decrypt email airdrop phishing account was using a different email to dispatch message to users it always necessary to check sender name before clicking or opening an email link.

3. Don't click on links: if you're not sure of the link its better to stay off the link.

4. Add strong security: enabling two factor authentication can help protect and increase ones account safety

5. User password manager: this tool help you recognize fake and legitimate login pages.

6. Educate yourself: the best means of staying ahead of the game is by educating yourself make research on how to improve and protect your account safety by staying informed about common and latest phishing tactics used by bad perpetrators.

Owning and storing your information on decentralized based systems minimize risk of one exposuring their account information to phishing link senders, cybercrime are increasing their tactics daily and best measure against their tactics is stay decentralized with your information encrypted on blockchain.

Posted