Bankless Times recently learned that the TON ecosystem has been victim to a surge in phishing attacks. These attacks are compromising TON wallet assets and putting users on Telegram’s native blockchain, TON, at high risk.
Phishing groups are the most frequent source of attacks. They often use deceptive techniques, such as fake game-related airdrops. For example, the founder of SlowMist, a leading blockchain security company, revealed that scammers were trying to deceive people by offering to send an unverified NFT, followed by the message “funds will be returned after wallet confirmation.”
TON phishing attacks often involve deceptive links, mini-apps, or bots that appear to offer attractive deals. Victims of these scams may find their TON wallets emptied of assets. Additionally, scammers may upload fake TON wallet apps to app stores. If users download and install these apps, their credentials or private keys can be stolen.
Users may also receive messages urging them to download a fake update for their wallet or other TON-related applications.
Phishers may also set up websites that resemble official TON-related services or wallets. These fraudulent sites closely resemble legitimate ones and can trick TON users into entering their login credentials or private keys.
Furthermore, users are urged to be cautious about emails that seem to be from TON or related services. These emails often contain urgent messages, pressuring recipients to take immediate action, such as confirming their account or changing their password.
Phishers can create fake profiles on social media, pretending to be official TON representatives or support staff. So, it’s important to be vigilant and verify the authenticity of any communication from the TON team to avoid falling victim to phishing attacks.
How to stay safe when playing Telegram Games
Blockchain security firm SlowMist advises users to enable two-step verification to secure their Telegram account for playing games. This way, you’ll stay safe even if an attacker manages to obtain your Telegram data.
Be cautious of airdrops, too. No matter how enticing they seem, always check their legitimacy before participating. The official channel typically announces the airdrop. Do not click on random links, especially those offering incentives like free tokens. Phishing links often seem very convincing. Download apps and software only from official sources and regularly update them to the latest versions.
Finally, TON users should regularly check for updates and alerts about the latest security risks and phishing schemes within the TON ecosystem.