Repercussion of submitting into a scam airdrop?

[Norcal2020]

Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned.

Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues?

[1714147292]

1714147292

[1714147292]

1714147292

[1714147292]

1714147292

[1714147292]

1714147292

[mtnminer1]

is it "possible" yes -- but it's one of those let the machine run for X # years to reverse the key type deals

keep an eye out for any exploits around public keys and be ready to create a new wallet just in case

but otherwise sounds like you've learned your lesson with minimal loss

good luck

[AdolfinWolf]

Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned.

Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues?

You're asking if someone can get into your MyEtherWallet with just your public adress? I wouldn't hope so, because that would mean that anyone that has access to a block explorer could get everyone's funds.  

Should I worry about any other potential issues?

If that's the only thing that you gave them, your adress, then there isn't too much to worry about. You might receive some spam email  ( if they're selling their userbase..). If you connected your twitter through an api ( gave them permission to do or see X, you should remove that. )

https://help.twitter.com/en/managing-your-account/connect-or-revoke-access-to-third-party-apps

[Norcal2020]

is it "possible" yes -- but it's one of those let the machine run for X # years to reverse the key type deals

keep an eye out for any exploits around public keys and be ready to create a new wallet just in case

but otherwise sounds like you've learned your lesson with minimal loss

good luck

Thank you. I only use this MEW wallet for airdrops and then move the coins to my Trezor/MEW wallet, when possible. So, I guess if they can get into this somehow, they wouldn't get too much anyways. I think it might be time to create a new airdrop wallet and move on.

[Norcal2020]

Well, it was bound to happen as I follow airdrops. The form looked good, the "secure" was GREEN and the data on the form seemed authentic. But, it was a scam airdrop requesting ETH donations for bonuses. Money gone, not a lot, but lesson learned.

Question- Can anyone get into my MEW with just my MEW ER20 wallet address? No private key disclosed, of course. Did provide, the usual twitter, telegram profile info. Should I worry about any other potential issues?

You're asking if someone can get into your MyEtherWallet with just your public adress? I wouldn't hope so, because that would mean that anyone that has access to a block explorer could get everyone's funds.  

Should I worry about any other potential issues?

If that's the only thing that you gave them, your adress, then there isn't too much to worry about. You might receive some spam email  ( if they're selling their userbase..). If you connected your twitter through an api ( gave them permission to do or see X, you should remove that. )

https://help.twitter.com/en/managing-your-account/connect-or-revoke-access-to-third-party-apps

No critical info was shared. Only social links etc...have taken down what I can and as noted in the other response, will create a new airdrop specific wallet (only use this to get the drops and them move to my trezor/MEW or another wallet.

Thank you for the guidance.

[cryptoblackhat]

If somebody could get into your MEW with just the public address, they could also steal money from *any* public Ethereum address with the same method

So treat this just like any other security best practices. Make sure there's no malware on your machine, and be careful where you put your private keys. Then you should be fine.