A phishing scam discussion.

[IjawMan]

A long post but carefully read please.

I was going through a thread today on Reddit that OP narrated his painful experience of a loss of big  money in millions to a phishing scam which began with him downloading a phishing wallet from a fake site.

Subsequently, users began to make their comments about cautious procedures to take for protection of phishing links and sites. But what made me export this story from there to the forum is for the clarification of a fairly disagreement/debate between two users about this phishing scam, which I find confusing about who is correct with their replies and who is not.

FIRST USER:  argued that such phishing scam drains it victim money from wallet automatically in a quick instant on connecting to the fake site.

SECOND USER: argued that connecting your wallet alone to a phishing site does not automatically drain it, ontil you the victim have to perform a signing in your of your information or wallet private key.

I do not know if I explained the story to a simple understanding. I'm bringing this in the forum that I may know which is correctly said, so I do not misinform someone else in making effort to supply them information with similar case in future.
Thank you all.

[Hazink]

Depends on how the site is built, there are scam Dapps which are design to extract the key to your wallet immediately you sign in that wallet connect permission, there are also those who which they need to send you something which you need to from your wallet permit it, so both of them are some how right just that one tries to use his explaination to debunk the other persons own.

[Stalker22]

I suppose they could both be right.  It really just depends on how the specific scam is set up.

[rbynxx]

I think the second user has the correct way of explaining it because I did encounter a site that was a phishing one but it could have not drained my wallet balance if I didn't do the signing of transaction. I guess it wouldn't be that automatic at all but I think some knowledgeable hackers has some way in it to let it drain automatically and I hope that wouldn't be the case on our sides. Let's be vigilant as always and don't simply be blind of downloading or anything especially if you're interacting on some sites that might cause harm on your wallet.

[Patikno]

The first opinion could be true in the case you described. You should be aware that a site can automatically, or directly steal information from its victims (including wallet theft), which is why some suspicious sites will be blocked by browsers, citing the insecurity of connecting to them. As far as I know, most sites that can directly steal information are those that don't have SSL certificates, or don't have encrypted connections, making it easier for scammers to carry out the theft directly.

The second opinion could also be true, because phishing sites can have SSL certificates, which means they use it to trick potential victims. These scammers hope they will enter sensitive information on their site, so the scammers have a record of that information in their database, including the private wallet key.

The important conclusion is this: we should always check the legitimacy of a site, ensure it is official and free of any malicious activity, and always check information from the relevant community about the site you are planning to visit.

Some time ago, coinmarketcap site was hacked, and displays malicious pop-ups regarding wallet connections to visitors. I think it was a deface attack, but the main point is, you need to verify the authenticity of anything, including the official website you are visiting, because it could be compromised due to an attack. So, that is what I mean by the importance of checking with the relevant community, because usually the relevant community will talk about something strange. Even official websites can be dangerous at one point, let alone unknown ones. Therefore, whatever you do online, or in the cryptocurrency world, always verify the authenticity. Cmiiw.

By the way, I am curious about the case you described. Could you provide a source? Maybe, it will become clearer, if we read it carefully, and we can understand how the phishing scam site works.

[Zaguru12]

FIRST USER:  argued that such phishing scam drains it victim money from wallet automatically in a quick instant on connecting to the fake site.

SECOND USER: argued that connecting your wallet alone to a phishing site does not automatically drain it, ontil you the victim have to perform a signing in your of your information or wallet private key.

Both are easily possible depending on how the scam was designed, for example on the first one you can connect ti a specific site using your wallet and it doesn’t needs to actually have you sign in before they can be able to steal your keys and that means they will use their own external wallet to actually import such keys of phrase into it and them empty the wallets but this one is highly unlikely and not so common.

The most common one is drainers luring people to the site and you need to actually sign in before you can actually give them access and once you sign before you revoke it, they would have placed a drainer bot your wallet already.

The second is the most likely thing to happen and it’s what is happening although many of us haven’t heard of the first happen it is seriously possible too.

[TokenTikas]

I do not know if I explained the story to a simple understanding. I'm bringing this in the forum that I may know which is correctly said, so I do not misinform someone else in making effort to supply them information with similar case in future.

On this matter, there is really no way to disagree with the arguments given by the first and the second users. However, one more point can be made clear here, which is about phishing sites. No matter how a phishing site is created, once someone enters it, there are usually some mandatory tasks that ask for user access and if those are completed, the site can take full access to the user’s account.
Because of this, it is important to remember that if any site asks for wallet access while visiting it, that should already be a sign that something is not right. For that reason, wallet access should never be shared anywhere. In the crypto space, one must always stay careful and avoid doing anything carelessly.

[hd49728]

FIRST USER:  argued that such phishing scam drains it victim money from wallet automatically in a quick instant on connecting to the fake site.

SECOND USER: argued that connecting your wallet alone to a phishing site does not automatically drain it, ontil you the victim have to perform a signing in your of your information or wallet private key.

You don't need to argue with them and perhaps you don't have too deep knowledge enough for convincing explanations to them, just pointing them to available resources about most common scam methods exclusively phishing scams.

Sharing the resources to them, making it simple but accurate.
The cryptocurrency scambook.
Specifically about the phishing scams.
Punycode Phishing attacks - how to stay safe - Spoofed URLs and fake websites!
What to do to avoid phishing sites.