Once again, the official EOS website has been targeted and an almost identical scam copy has been created, but with the addition of a part that does not exist, namely the one related to a phantom 100 million EOS distribution.
The modus operandi of the criminals has become quite clear to users: they create an account, load it with a smart contract scam, they borrow resources from REX and start sending either small amounts of EOS or a token created to confuse the victim, as in the case of the Voice token.
The scam website that gives away EOS
In this case, we can see how a new account was created, 4 days ago, which is called blockonenews, (there is a strong link between gu3timzxgmge and b1refundfund, where the latter received funds from the Binance exchange and so it is possible to identify it) and is using the memo field to send the following message:
“EOS Reallocation Program @ get-eos.io”.
If we go to the scam website, created on July 30th, 2020, we can see how it is pretty similar to the original, but the first thing we see is this message, inciting to participate in the scam:
It may almost seem like something legitimate since the criminals refer to a piece of news of a year ago about the proposal to reallocate resources in EOSio, but clearly, it isn’t.
Evidently, the criminals are in several official chats and actively follow the discussions to have more information and build scams that seems plausible.
If we keep exploring the website, we are asked to link our wallet. A list of wallets compatible with this blockchain is also provided, both for desktop and mobile, and additionally, the scam website asks us for our private key.
After trying to connect our wallet, we’ll see a “claim” button and also how many EOS we’re entitled to, inviting us to sign the next transaction.
Signing the transaction triggers the trap because it would give the criminal the authority to change the account keys and then remove the victim from their own account.
It is therefore necessary never to interact with platforms that give something away, especially if they come from big projects, because it is difficult, if not impossible, that there is a giveaway of this magnitude.
In addition, the amount of tokens offered is so high that it looks ridiculous.
Another strategy that has been adopted over time is to hide transactions of small amounts in order to hide the memos since some participate on purpose to insert a memo and warn users that it is a scam.