In what is quite possibly the most impressively convoluted way to phish private keys, scammers have begun coaching users through using this site (and others) to extract their secret information and send it to them. This is likely due to the increased friction and warnings wallets have been adding to their flows.
From a recent $100k+ loss report, as example:
So I checked etherscan.io and saw that you could send a message to the contract holder, so i sent a message about what happened and got linked to blockscan where you can chat.
There I got I thought someone from the helpdesk who could help.
After a whole introduction he gave me the next steps I took.
Option 1 : Claim it offline by using signature of your wallet ( ledger)
load the webpage and then disconnect you internet - In the webpage you will see a option called BIP 39 Menonmic - with a space to type ( use your 24 words ledger phrase there)
Onc you typed your 24 words in the offline page - you will get BIP 32 root key - that u can use as a signature to claim your funds
steps 2 : once u generate the BIp 32 root key, come back online and connect internet back after closing the webpage
In what is quite possibly the most impressively convoluted way to phish private keys, scammers have begun coaching users through using this site (and others) to extract their secret information and send it to them. This is likely due to the increased friction and warnings wallets have been adding to their flows.
From a recent $100k+ loss report, as example:
I added some quick warning text. Happy to update it to say whatever. Would really like to get a warning up there for end-users though. Thank you.