The founder of Cybersecurity firm SlowMist, Yu Xian (Evilcos), has issued a warning about an increasing number of phishing attacks targeting the TON ecosystem.
According to SlowMist, numerous phishing links and bots are being disseminated through various groups. These projects make use of fake airdrops and other deceptive tactics to compromise users’ assets in their TON wallets.
A particular area of concern is the exploitation of Anonymous Telegram Numbers. These numbers are frequently used to create Telegram accounts.
If an Anonymous Telegram Number is stolen, there is a significant risk that the associated Telegram account could also be compromised unless the user has enabled a separate password for additional security.
SlowMist advises users to exercise caution and stay vigilant when encountering links or bots in Telegram groups, especially those offering airdrops or other incentives.
To protect against phishing schemes, users should enhance their security measures by enabling two-factor authentication and using strong, unique passwords.
The TON (The Open Network) ecosystem has experienced a remarkable explosion of projects lately, driven by a combination of internal innovations like the Telegram Mini app system, tap and earn reward system, and more.
This rapid growth is evident in the increasing number of decentralized applications (dApps) and the rising total value locked (TVL) within the network which currently stands at over $600M.
Another key reason for this explosion is the exclusive use of the TON blockchain for the Telegram advertising platform, which recently opened to all advertisers in nearly a hundred new countries.
This move ensures fast and secure advertising payments and withdrawals, allowing content creators to cash out their Toncoin seamlessly.
The TON ecosystem has also seen the emergence of popular game projects, such as Notcoin, a clicker game on Telegram based on the TON blockchain. The game’s appeal lies in its simple mechanics and the promise of actual cryptocurrency rewards, attracting a growing user base.
According to the ton.app website, there are currently 128 game projects in the TON ecosystem, showcasing the diversity and depth of the gaming sector.
While this expansion is happening, it is not unusual to see tens of fake Telegram communities of a particular project. These are schemes devised by scammers to steal from users or exploit their assets as they mirror the original project.
Most times these communities, which also have look-alike X (formerly Twitter) accounts similar to the original project, offer airdrops to mimic that of the original project.
Without due diligence and research, several users are lured into such communities, and their wallets, phone numbers, and other important details are compromised.
In some cases, if assets are not stolen from the wallets immediately, the smart contract signed by the user makes it possible for any other asset that comes into the wallet in the future to be automatically stolen by the scammers.
Mist is calling on all users – especially those expecting upcoming rewards from Tapswap, Hamster Kombat, Blum, and other games on TON – to be vigilant.