|
Title: Repercussion of submitting into a scam airdrop? Post by: Norcal2020 on February 03, 2018, 04:53:28 PM Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned.
Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues? Title: Re: Repercussion of submitting into a scam airdrop? Post by: mtnminer1 on February 03, 2018, 04:59:47 PM is it "possible" yes -- but it's one of those let the machine run for X # years to reverse the key type deals
keep an eye out for any exploits around public keys and be ready to create a new wallet just in case but otherwise sounds like you've learned your lesson with minimal loss good luck Title: Re: Repercussion of submitting into a scam airdrop? Post by: AdolfinWolf on February 03, 2018, 05:00:01 PM Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned. Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues? You're asking if someone can get into your MyEtherWallet with just your public adress? I wouldn't hope so, because that would mean that anyone that has access to a block explorer could get everyone's funds. :P Quote Should I worry about any other potential issues? If that's the only thing that you gave them, your adress, then there isn't too much to worry about. You might receive some spam email ( if they're selling their userbase..). If you connected your twitter through an api ( gave them permission to do or see X, you should remove that. ) https://help.twitter.com/en/managing-your-account/connect-or-revoke-access-to-third-party-apps Title: Re: Repercussion of submitting into a scam airdrop? Post by: Norcal2020 on February 03, 2018, 05:05:41 PM is it "possible" yes -- but it's one of those let the machine run for X # years to reverse the key type deals Thank you. I only use this MEW wallet for airdrops and then move the coins to my Trezor/MEW wallet, when possible. So, I guess if they can get into this somehow, they wouldn't get too much anyways. I think it might be time to create a new airdrop wallet and move on.keep an eye out for any exploits around public keys and be ready to create a new wallet just in case but otherwise sounds like you've learned your lesson with minimal loss good luck Title: Re: Repercussion of submitting into a scam airdrop? Post by: Norcal2020 on February 03, 2018, 05:07:16 PM Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned. Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues? You're asking if someone can get into your MyEtherWallet with just your public adress? I wouldn't hope so, because that would mean that anyone that has access to a block explorer could get everyone's funds. :P Quote Should I worry about any other potential issues? If that's the only thing that you gave them, your adress, then there isn't too much to worry about. You might receive some spam email ( if they're selling their userbase..). If you connected your twitter through an api ( gave them permission to do or see X, you should remove that. ) https://help.twitter.com/en/managing-your-account/connect-or-revoke-access-to-third-party-apps No critical info was shared. Only social links etc...have taken down what I can and as noted in the other response, will create a new airdrop specific wallet (only use this to get the drops and them move to my trezor/MEW or another wallet. Thank you for the guidance. Title: Re: Repercussion of submitting into a scam airdrop? Post by: cryptoblackhat on February 03, 2018, 05:10:05 PM If somebody could get into your MEW with just the public address, they could also steal money from *any* public Ethereum address with the same method :)
So treat this just like any other security best practices. Make sure there's no malware on your machine, and be careful where you put your private keys. Then you should be fine. |