"Zero-Dollar Purchase" NFT Phishing Scams

On December 17, 2022, a Twitter user was defrauded of 14 BAYC, worth a total of 852 ETH, through a phishing scam involving "zero-dollar purchase" NFTs. The scammer, who was posing as an official account of a reputable project, built trust with the user and then sent him a link to a phishing website that asked him to sign a request. By signing, the user unknowingly gave the scammer the ability to acquire his NFTs without paying any money.

It can be challenging for non-experts to detect scams by examining the signature content, as the signature frequently appears as a combination of letters and numbers that is hard to comprehend. So how can you avoid falling for such scams?

  • To prevent falling prey to phishing scams, it is recommended to bookmark the official websites of commonly used NFT platforms. Additionally, by visiting these official websites, you can find their official social media accounts such as Twitter and Discord.
  • Avoid clicking on unfamiliar websites and never give approval for any signature requests on such websites.
  • Perform routine checks for any suspicious contract interactions and revoke any authorizations promptly.

What are the methods for identifying and revoking unauthorized access to NFTs?

Verifying and Revoking Authorizations

To check and revoke NFT authorization on ETH and other EVM chains, you can use Revoke.cash. The process is as follows:

1. To access Revoke.cash in imToken's ETH wallet, navigate to the "Browser" page, search for "Revoke" and choose "Revoke.Cash".


2. To connect your wallet to Revoke.cash, click on the menu icon in the top right corner, select "Connect Wallet" or input your wallet address in the search field.

Note: For other EVM chains such as BSC, Polygon, etc., click on the drop-down button to select the corresponding chain.


3. Find the NFT for which you want to revoke authorization, swipe left, tap "Revoke", and confirm on the pop-up screen, to revoke the authorization.


Scams exposed

Blocking low-value USDT/USDC/DAI transfers in ETH wallets

In last month's report, we exposed a scam involving zero-value transactions in TRX wallets. Recently, this scam has also affected ETH wallets, with users receiving transactions of zero value for cryptocurrencies like USDT, USDC and DAI. Additionally, some users have reported receiving small transactions, such as 0.01 USDT or similar amounts, sent to addresses with the same last characters.

These types of scams exploit users' habit of copying addresses from transaction records when making transactions. It's essential to double-check the full wallet address or use the address book function before executing any transactions to avoid falling for these scams.

To enhance the security of its users' assets, imToken has implemented a system to filter out transactions that are less than 0.1 USDT/USDC/DAI in ETH wallets. This means that users will not receive notifications for small amount transfers of this kind. Additionally, imToken is constantly monitoring for new scam methods and updating its security systems to help protect users from such frauds.
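The filter and the look-alike address check described above can be sketched as follows. This is an added example, not imToken's code: the record fields (`symbol`, `raw_value`, `counterparty`), the 4-character suffix comparison and all sample addresses are assumptions constructed for illustration.

```python
from decimal import Decimal

DECIMALS = {"USDT": 6, "USDC": 6, "DAI": 18}  # token decimals on Ethereum
DUST_THRESHOLD = Decimal("0.1")               # filter threshold stated in the article
SUFFIX_LEN = 4                                # assumption: trailing characters compared

def lookalike_of(addr, known, n=SUFFIX_LEN):
    """Return the known address that addr imitates: same last n chars, different address."""
    a = addr.lower()
    for k in known:
        if a != k.lower() and a[-n:] == k.lower()[-n:]:
            return k
    return None

def classify(transfer, known):
    """Label one transfer record as 'ok', 'dust' or 'poison'."""
    symbol = transfer["symbol"]
    if symbol not in DECIMALS:
        return "ok"
    amount = Decimal(transfer["raw_value"]) / Decimal(10) ** DECIMALS[symbol]
    if amount >= DUST_THRESHOLD:
        return "ok"
    # Below the threshold (including zero): hide it, and escalate if the
    # counterparty was crafted to resemble an address the user already trusts.
    return "poison" if lookalike_of(transfer["counterparty"], known) else "dust"

# Constructed sample data: none of these are real addresses.
TRUSTED = "0x" + "11" * 17 + "ab12cd"
FAKE = "0x" + "9f" * 17 + "ab12cd"      # same ending as TRUSTED
STRANGER = "0x" + "ab" * 20
ADDRESS_BOOK = [TRUSTED]
TRANSFERS = [
    {"symbol": "USDT", "raw_value": 0, "counterparty": FAKE},
    {"symbol": "USDT", "raw_value": 10_000, "counterparty": FAKE},       # 0.01 USDT
    {"symbol": "USDC", "raw_value": 50_000, "counterparty": STRANGER},   # 0.05 USDC
    {"symbol": "DAI", "raw_value": 25 * 10**18, "counterparty": TRUSTED},
    {"symbol": "USDT", "raw_value": 100_000, "counterparty": FAKE},      # exactly 0.1
]

def scan(transfers, known):
    """Classify every transfer record against the address book."""
    return [classify(t, known) for t in transfers]

if __name__ == "__main__":
    for t, label in zip(TRANSFERS, scan(TRANSFERS, ADDRESS_BOOK)):
        print(label, t["symbol"], t["counterparty"][-6:])
```

The last sample record shows the limit of an amount-only filter: a transfer of exactly 0.1 USDT from the look-alike address is not filtered, so checking the full address before sending is still required.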

Risk Control

In December, imToken marked 19 tokens and 209 addresses as risky and banned 1573 DApp websites.

If you come across any risky tokens or DApps, please report them to us at [email protected] to help more users avoid asset loss.


In 2022, imToken prioritized the security of its users' assets and performed 11 upgrades, uncovered 20 types of scams, and helped users avoid potential losses of at least $10 million through action against these scams. 

As we move into 2023, the security of our users' assets remains a crucial focus for us and we will continue to take necessary steps to safeguard them.