Only transferred 1 USDT, why are the other coins gone? Understand token transfer permissions

Fraud cases have surged recently, and everyone needs to stay vigilant to avoid losing assets. This article analyzes a typical example: the authorization scam.

(This article is authorized and reprinted from imToken, originally titled "I only paid 1U, why did all my other coins disappear?" Original article here)

A friend gave me a link to test by transferring 1U to the address in the link. I sent 1U over, and then it was stolen; my friend provided me with a receiving code, I scanned the code and only paid 1U, but all the remaining coins disappeared.

I only paid 1U, why did all my other coins disappear? The problem actually lies in inadvertently granting token transfer authorization to this so-called "friend" when you paid 1U through the link or QR code provided by them.

What is Token Transfer Permission? Can you provide an example?

In Alipay, there is a feature called "Intimate Payment." When I enable this feature for my family members, they can make purchases and the payment will be deducted directly from my account. Even if my family members do not know my Alipay password, they can still use the funds in my account.

A similar situation occurs when you grant the "friend" token transfer permission. Even without knowing your mnemonic phrase or payment password, they can transfer the tokens from your wallet. Often, you may not be aware that you have given this permission.

Scammers may send you a link or a fake QR code posing as an imToken receiving code. When scanned, it redirects to a third-party website that displays a fake transfer page. By enticing you to make the transfer there, the scammer gains the corresponding token transfer permission and steals the assets from your wallet.

Fake receipt QR code scam

How to Distinguish Between Genuine and Fake Transfer Pages to Avoid Scams?

After scanning a payment code, you should be taken directly to the transfer page. If a prompt for third-party DApp access appears after scanning, the payment code has been replaced by scammers and leads to a fraudulent website.

Another way to distinguish between genuine and fake transfer pages is by looking at the icon in the top right corner of the page. A fake transfer page created by scammers will have icons of "···" and "X" in the top right corner, while the native transfer page in imToken wallet will have a QR code scanning icon.

Left: Scammer's imitation of Tokenlon's authorization page; Right: Genuine transfer page

Of course, when you are unsure of the trustworthiness of the recipient, there is a more cumbersome but secure method: ask the recipient to provide the receiving wallet address directly (instead of a QR code) and carefully verify the receiving address and transfer amount before proceeding with the transfer.

When initiating a transfer on a genuine page, you will see a detailed transfer confirmation page with information such as the USDT receiving/sending address and amount, without involving any other content.

On a fake page, initiating a transfer brings up a transfer authorization prompt instead. If you click to confirm, the scammer gains permission to transfer the corresponding tokens from your wallet. In the example shown in the screenshot above, although the fake page displays a USDT transfer at the top, the scammer actually obtains permission to transfer LON tokens. "Requesting LON Transfer Authorization" is a fake DApp name created by scammers. Once you confirm the authorization, the scammer can transfer all the LON tokens from that wallet address.
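What separates a payment from an authorization at the transaction level, as an added example that is not part of the original imToken article: it assumes ERC-20 tokens on Ethereum, where a payment is a transfer(address,uint256) call and an authorization is approve(address,uint256). The function names, placeholder addresses and sample requests are constructed for illustration.

```javascript
// Added example (assumes Ethereum ERC-20): compare what a page shows with the call it asks you to sign.
const SELECTORS = {
  "a9059cbb": "transfer",          // transfer(address to, uint256 amount)
  "095ea7b3": "approve",           // approve(address spender, uint256 amount)
  "39509351": "increaseAllowance", // increaseAllowance(address spender, uint256 added)
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Decode the two ABI words (address, uint256) that follow the 4-byte selector.
function decodeTokenCall(data) {
  const hex = data.toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex) || hex.length < 8 + 128) return null;
  const kind = SELECTORS[hex.slice(0, 8)];
  if (!kind) return null;
  const addrWord = hex.slice(8, 72);
  if (!/^0{24}/.test(addrWord)) return null; // an address word is left-padded with zeros
  return { kind, party: "0x" + addrWord.slice(24), amount: BigInt("0x" + hex.slice(72, 136)) };
}

// expected = what the page displays; tx = what the wallet is actually asked to sign.
function reviewRequest(tx, expected) {
  const call = decodeTokenCall(tx.data);
  if (!call) return { ok: false, reasons: ["not a recognised token call"] };
  const reasons = [];
  if (call.kind !== "transfer")
    reasons.push(`${call.kind} grants spending permission to ${call.party}; it is not a payment`);
  if (tx.to.toLowerCase() !== expected.token.toLowerCase())
    reasons.push("token contract differs from the token shown on the page");
  if (call.kind === "transfer" && call.party !== expected.recipient.toLowerCase())
    reasons.push("recipient differs from the address shown");
  if (call.kind === "transfer" && call.amount !== expected.amount)
    reasons.push("amount differs from the amount shown");
  if (call.kind !== "transfer" && call.amount === MAX_UINT256)
    reasons.push("allowance is unlimited");
  return { ok: reasons.length === 0, call, reasons };
}

// Constructed sample data: placeholder addresses, not real contracts or wallets.
const word = (v) => v.toString(16).padStart(64, "0");
const SHOWN_TOKEN = "0x" + "11".repeat(20); // token the page claims to send (USDT in the article)
const OTHER_TOKEN = "0x" + "22".repeat(20); // token actually targeted (LON in the article)
const PAYEE = "0x" + "33".repeat(20);
const shown = { token: SHOWN_TOKEN, recipient: PAYEE, amount: 1000000n }; // 1 USDT at 6 decimals
const genuine = { to: SHOWN_TOKEN, data: "0xa9059cbb" + word(BigInt(PAYEE)) + word(1000000n) };
const fake = { to: OTHER_TOKEN, data: "0x095ea7b3" + word(BigInt(PAYEE)) + word(MAX_UINT256) };
```

reviewRequest(genuine, shown) passes, while reviewRequest(fake, shown) is rejected for three reasons: the call is an approve rather than a transfer, it targets a different token contract than the one displayed, and the allowance is unlimited.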

If you have scanned QR codes from unknown sources or made transfers on third-party websites, your token transfer permission may have been obtained by scammers. To better safeguard your assets, we recommend creating a new wallet in imToken and transferring your assets to it.