The founder of Uniswap, Hayden Adams, recently alerted the crypto community to a concerning new wave of scams targeting users through deceptive user interfaces (UIs) in crypto wallets. These scams involve fake clones of Ethereum Name Service (ENS) domains, where scammers purchase domains closely resembling legitimate Ethereum addresses. This allows them to deceive users and potentially siphon off funds without their knowledge. In this article, we will explore the details of these scams and discuss how users can protect themselves.
The scam works by substituting alphabetic characters with alphanumeric sequences in the ENS domain, making it closely resemble the intended recipient’s Ethereum address. When unsuspecting users enter the genuine Ethereum address into their wallet UIs, they are shown the scammer’s address instead of the actual recipient’s address. As a result, users might unknowingly send funds to the scammer’s address, falling victim to the scam.
To illustrate this, Hayden Adams highlighted a specific instance where a bad actor purchased the ENS domain “[myEthereumAddress].eth,” which closely resembled his own Ethereum address, “0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa.” This example emphasizes the urgency for wallet interfaces to integrate filters that can detect and prevent these scams from occurring.
Hayden Adams stressed the importance of wallet interfaces integrating filters to address these scams effectively. By implementing filters, interfaces can detect domains that closely resemble legitimate Ethereum addresses and highlight them as suspicious. This added layer of protection can significantly reduce the number of users falling victim to these scams.
However, Nick Johnson, the founder of ENS, expressed a different perspective. He suggested that interfaces should refrain from autocompleting names altogether, as this could be excessively risky. According to ENS’s user experience (UX) guidelines, such a practice is discouraged. Johnson’s view sparks a debate about the best approach to mitigate these scams and protect users from unintentional mistakes.
In a related incident, scammers misused ENS domains to mimic the wallets of major exchanges. They achieved this by registering multiple ENS domains using a single address that closely resembled the hexadecimal addresses of highly active accounts. These scammers then added “.eth” at the end of these addresses to make them appear legitimate.
For example, the FTX address “0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2” was mimicked as “0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2.eth.” By doing so, scammers aimed to intercept payments directed to these fake domains and exploit the feature of many wallets supporting ENS domains as valid destinations for asset transfers. As a result, users are at risk of inadvertently sending their assets to these fraudulent domains with a single misclick.
As the number of crypto scams continues to rise, it is crucial for users and wallet interfaces to remain vigilant against deceptive user interfaces. The scams exploiting ENS domains shed light on the need for stronger filters and improved user education to protect against these fraudulent activities. By understanding the techniques employed by scammers and staying cautious when entering Ethereum addresses, users can reduce the risk of falling victim to these scams. Additionally, wallet interfaces must prioritize the implementation of advanced filters and follow recommended UX guidelines to provide a safer and more secure experience for their users in the crypto space.
Leave a Reply