TON, The Open Network, has been flagged for being susceptible to phishing attacks, and renowned security firms have cited multiple approaches bad actors use.
This new threat is a sophisticated “adversary-in-the-middle” attack designed to cajole victims and bypass their security protocols.
TON’s Vulnerability to Phishing Attacks
Blockchain security firm SlowMist has called out The Open Network for being susceptible to phishing attacks on Telegram. This is a form of social engineering scam in which attackers deceive people into revealing sensitive information or installing malware. In phishing attacks, the victim unknowingly gives approval to the scammer.
According to SlowMist, the messaging app’s ecosystem is too free, making it susceptible to phishing links delivered through airdrops , among other ways.
“There are more and more phishing activities in the TON ecosystem. The Telegram ecosystem is too free, and many phishing links (or bot forms) are spread through message groups, airdrops, and other deceptive methods to lure away users’ TON wallets in batches,” SlowMist said .
In addition to airdrops, SlowMist indicates that non-fungible tokens (NFTs) and anonymous Telegram numbers are among the delivery baskets of phishing attacks.
Also Read: 15 Most Common Crypto Scams To Look Out For
Following the report, TON’s total value locked (TVL), the amount of capital invested in specific decentralized finance, dropped by $14.21 million. Meanwhile, its market cap dropped by $1 billion. A decline in these metrics can indicate a loss of investor confidence, a decrease in network usage, or a shift in capital to other ecosystems.
“Currently, TON’s wallet model has very serious security risks,” Xiao Zcloak noted .
It is worth noting that phishing attacks are not new, and they have even targeted Google ads . In August 2023, for instance, one ad led a victim to almost fall for a scam that would have ended in a $900,000 loss. But there are multiple ways to to protect against phishing attacks.
It is paramount to stay informed about common tactics and verify the authenticity of links before interacting with them. Likewise, using two-factor authentication, strong passwords, and a password manager adds an extra layer of security.
