The Qatar World Cup is coming, watch out for scams while enjoying the the last performance of the football superstars

I. Crypto scams related to the World Cup are increasing rapidly

The 2022 Qatar World Cup is just around the corner, and it is highly likely that this will be the last World Cup for Messi, Ronaldo, Benzema, Modric, Lewandowski and other players. With the “last battle of the gods” approaching, various blockchain scams related to the World Cup are emerging.

II. Introduction of Token risks users may encounter

There are many kinds of token risks, and it’s possible that there will be a concentrated outbreak during the World Cup. Here are some major and serious risks.

1.Honeypot Tokens

These are tokens that contain explicitly malicious code that prevents users from trading or causes loss of assets.

2. Self-destructible tokens

Contract self-destruction means that the contract can be destroyed, it no longer exists after the destruction, so does the corresponding assets.

3. Owner can modify the balance

That is, there is a function in the token contract that allows the owner address to modify the token balance at another address without the permission of the victim address.

III. Introduction of NFT risks users may encounter

In addition to Token, NFT also has various security risks. According to statistics from security institutions, many NFTs have certain security risks at the contract level (the table below lists several common and more serious NFT risks) :

1. Restriction approvals resulting in the inability to trade

This means other addresses cannot perform contract approval except those in the whitelist. As decentralized NFT trading platforms require contract approval, users will not be able to trade the NFT on decentralized exchanges.

2. Transfer NFTs without approvals

That is, the owner of an NFT can directly transfer the NFT from another address to the address specified by the owner without approval.

(1) Directly transfer NFT

As shown in the picture below, the NFT (Ethereum, 0xa9bcd4bd5b851479307fe71398ce2352c281e0c1) was directly transferred away after selling.

(2) Providing the NFT with so-called celebrity endorsement through faking celebrity’s holding and transferring record

There has been a lot of feedback from users recently, that some NFT projects promote support from an online celebrity and indicate that the online celebrity has traded before. They are interested to participate but have concerns of the security of the project. This is actually another specific model for “transfer without approval”.

IIII. How users could defend against risks

1. Establish a sense of risk prevention and basic precautions.

(1) It needs to be clear that there will be more and more scams like the World Cup, and we must always pay attention. As the World Cup gets underway and the heat rises, more scams are bound to emerge. In addition to being related to the World Cup or FIFA, there may also be scams related to famous football stars (for example, there will be “Messi Token” and “Ronaldo Token”) or popular events. You have to pay attention all the time.

(2) Be cautious about Tokens/NFTs you are interested in. You should first learn basic information through the official website/community/Twitter.

(3) Be careful about tokens or links recommended by others to avoid being cheated.

The above attention points are not complicated, but why do attackers succeed repeatedly?

2. Learn to use security detection tools

To avoid various Token / NFT scams, you need to use detection tools to check their security before buying.

(1) For Token detection, you can use the GoPlus Token Security Detection Service

GoPlus token security detection service is one of the token detection services with the largest number of tokens covered, the most comprehensive detection items and the most accurate detection results.

(2) For NFT security, you can use the GoPlus NFT Security Detection Service

GoPlus NFT security detection service supports security detection for all major NFTs. Its security service has also been used by major platforms such as X2Y2.

(3) Search directly in GoPluseco by entering the address.

You can search directly by entering an address in GoPlusEco, which has integrated Token and NFT security detection.

--

--

Go+ Security, Everyone’s Security Tool! Go+ is an open, permissionless, user-driven security service platform for all types of blockchain users.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Go+ Security

Go+ Security, Everyone’s Security Tool! Go+ is an open, permissionless, user-driven security service platform for all types of blockchain users.