scam

Multisig wallets are especially useful for people working in teams or those who want an extra layer of security. But here’s the catch: scammers can also use multisig wallets to trick users and steal their cryptocurrencies. Let’s take a closer look at how multisig wallets work and some of the most common multisig scams.
What Is a Multisig Wallet?
In the cryptocurrency world, a multisig (multi-signature) wallet is a type of wallet that requires more than one private key to authorize a transaction. They are like the digital equivalent of two-factor authentication (2FA), requiring two or more approvals (signatures) before a transaction can happen.
You can set up a multisig wallet with different requirements, such as needing two out of three keys or three out of five, and so on. It’s like having multiple keys to a vault, where no one person can unlock it without the others.
Multisig wallets are commonly used in business collaborations, DAOs (decentralized autonomous organizations), and joint ventures. They can also be useful for family funds or anyone who wants a bit of added security for their digital assets.
Multisig wallets are often used to increase security, so how exactly are these wallets being used to scam people?
What Is a Multisig Scam?
The logic behind the scam is quite simple: scammers make victims believe they have full access to a crypto wallet when, in reality, they don’t. Below is an example of a scammer comment on a YouTube video:

You might come across many variations of this scam on YouTube, Twitter, Telegram, and other social media platforms, but their message will always include a private key or a seed phrase. If it’s your first time seeing it, you might be tricked into thinking it’s a new user asking for help, but don’t get fooled.
How Does a Multisig Scam Work?
There are different types of multisig scams, and they are particularly common on the Tron network due to the way Tron multisig wallets work. 
Some of the more elaborate multisig scams focus on tricking users into making their wallets multisig and adding the scammer as a co-owner. Once the scammers gain this level of control, they can effectively trap the funds or, in some cases, steal them directly.
These scams are usually related to phishing or impersonation fraud, where scammers pretend to be from a reliable customer support team. 
However, one of the most common multisig scams is much simpler and doesn’t require users to share their seed phrase or private keys. Instead, it’s designed to trick users into sending crypto to the scammer in an attempt to get funds from their multisig wallet. Let’s go through a common example.
Multisig scam bait using SafePal
To illustrate how the scam works, we will use the seed phrase shared in the YouTube comment we discussed above. First, we installed the SafePal wallet extension and imported the scammer’s wallet using the seed phrase provided.
With the wallet open, we can see that the scammer has 2,022 USDT as a TRC-20 token in the Tron network. At this point, most victims will try to transfer the USDT out of the scammer’s wallet.

However, the wallet doesn’t have enough TRX to pay for transaction fees. This is where the victim is tricked into sending TRX to the scammer’s wallet.
The scammer preys on greedy victims who rush to open the wallet in an attempt to take the funds. They quickly send crypto to the wallet to pay for fees but soon realize they can’t make any transactions because it’s a multisig wallet.
Remember, these wallets require multiple private keys (signatures) to approve a transfer. So, even if you have one of the keys, you won’t be able to sign transactions.
The good news is that if you fall victim to such a scam, you are probably losing a relatively small amount of crypto (whatever value you sent to pay for gas fees). However, the more sophisticated multisig scams we mentioned earlier can target your crypto wallet directly, potentially leading to much bigger losses.
Checking the scammer’s wallet address
If we search for the scammer’s wallet address (ending in Kk78Z) on the TronScan blockchain explorer, we will notice that the account is controlled by another address (ending in bHCoc). This is what a multisig wallet looks like on the Tron network.

Tron multisig wallets can be set up in many different ways. The wallet’s permission can be customized according to the weight given to each multisig account. 
In the example above, the scammer’s account (ending in bHCoc) has full access to the multisig wallet (“Owner Permission”), while the account used to bait victims (ending in Kk78Z) has only limited functionality.
How to Avoid Multisig Scams
To avoid multisig scams and other types of fraud, you should keep your personal information private, avoid using stranger’s seed phrases or private keys, and watch out for phishing emails and websites.
1. Keep your private keys and seed phrases private
No legitimate company, wallet provider, or crypto exchange will ever ask for your private keys or seed phrases. Keep them in a secure location and never share them with anyone.
2. Stick to official wallet apps and software
Only use wallet software and apps that come from trusted, official sources. There are many fake crypto wallets and exchanges, so double-check the URL and verify app authenticity before using them.
3. Regularly audit your wallet permissions
A good habit for multisig users is to check who has access to your wallet on a regular basis. Most wallets will let you review permissions in the settings. If you spot any unauthorized signatories, remove them immediately. You should also remove permissions of DeFi apps you no longer use.
4. Use hardware wallets for added security
Hardware wallets are physical devices that store your crypto offline. Even if someone compromises your multisig setup, they won’t be able to move funds without the hardware wallet's physical confirmation.
5. Enable two-factor authentication (2FA)
Most wallet providers and exchanges offer 2FA. Enabling it can add an extra layer of security, preventing unauthorized access to your wallet.
6. Stay informed
Cryptocurrency security is an ever-evolving field. New scams and tactics appear regularly, so it’s important to stay informed and keep learning about the latest threats and best security practices.
7. Wallet warnings
Unfortunately, it’s not always easy to tell if a wallet is multisig or not. However, due to the growing number of scams, some wallet providers have added security features that warn users about potentially dangerous wallets. 
Below are examples from SafePal and Trust Wallet, warning users that funds are blocked.

$ADA
$ETH
$SOL

1️⃣ Sam Bankman-Fried

Основатель FTX.

- Биржа рухнула.
- Миллиарды клиентов исчезли.
- Признан виновным в мошенничестве в США.

2️⃣ Do Kwon
Создатель Terra/LUNA.

- Обвал экосистемы на ~$40 млрд.
- Задержан и проходит судебные процессы.

3️⃣ Ruja Ignatova
Создатель OneCoin.

- Пирамида на $4+ млрд.
- В розыске ФБР.

❓ Вопрос аудитории:

Кто, по вашему мнению, нанёс рынку самый сильный удар?

1 — FTX

2 — LUNA

3 — OneCoin

Пишите цифру 👇

#Crypto #AML #ИсторияКрипты #Scam #BinanceSquare

Создатель OpenClaw — Питер Штайнбергер — рассказал, как его проект едва не погиб… из-за криптоспекулянтов.
Стартап купили OpenAI — казалось бы, живи и радуйся.
Но параллельно какие-то энтузиасты запустили левый токен, прикрутив его к продукту без согласия автора.
Дальше началось давление:
▪️ «Признай наш токен официальным»
▪️ «Забирай комиссии и развивай его»
▪️ «Пампи курс, мы закупились!»
Человека буквально травили за то, что он не пампит щиткоин, к которому не имеет отношения.
И это не просто хейт в комментариях:
🥷 попытки взлома GitHub
🥷 перехват юзернеймов во время ребрендинга
🥷 размещение фишинговых ссылок
По словам Питера, он был шокирован технической подкованностью атакующих — скрипты, автоматизация, софт.
В какой-то момент он был в шаге от того, чтобы нажать «Delete» и закрыть проект, лишь бы это закончилось.
Мораль?
Когда токен появляется раньше официального анонса — это не «сообщество», это давление с финансовым интересом.
Крипта даёт свободу.
Но толпа с bag’ами в минусе может быть опаснее любого медвежьего рынка.
#crypto #OpenAI #Web3 #scam #MISTERROBOT
Подписывайтесь — показываю обратную сторону крипто-романтики.

⚠️ Let's talk about Zero Transfers - Zero transactions in the blockchain.
This is a partial vulnerability available in blockchains that allows receiving a zero transaction to any user address or sending such a transaction from that same address. Scammers still use this feature today; although most wallets and blockchain explorers mark these transactions as fraudulent and prevent their data from being copied, there are still applications that allow this to be done.
🔍 The essence of the scheme is that after each of your operations (for example, receiving/sending USDT), a zero transaction is automatically made to your wallet address, where the sender's wallet is very similar to the wallet of a real transaction you conducted. This is done so that in a hurry, you might copy the address of the last transaction and, after checking only the first and last characters, send funds to the scammers. Such wallets can have both the same beginning and end of the address simultaneously.
What does it look like?
✅ Real recipient address: TKnnGBuZhtvsomgU3K9dEdWBHA3UfrKTgV
🙅‍♂️ Scammer-generated similar address: TKmCKgTkFT4GhVRH7h4vN9cGiGhtfrKTgV
👨🏻‍💻 Recommendations:
Always take your time to check the entire recipient's wallet address, not just the first and last characters.
If a similar situation has happened to you, contact us — we will help track and recover lost assets!
ℹ️ Info Alliance - everything about crypto security!

#news #scam #scamriskwarning #crypto #Chainlink