Many phishing sites imitate official pages and differ by only one or two letters.
Do not rely on appearance alone. Verify the URL and where the entry link came from.
Safety Guide
Most risks do not come from technology alone. They come from acting before you understand what is happening.
Before you interact, confirm these things first
Before you authorize or connect, confirm the wallet name and address.
Avoid connecting an unknown application when the context is still unclear.
Before you confirm, spend a few seconds reading the transaction details.
If you do not understand it, pause instead of proceeding.
Any website that asks for your recovery phrase should be treated as high risk.
Under normal circumstances, you should not need to enter that information on a website.
Many risks begin with a “do it right now” situation.
If you feel rushed, it is usually a sign to pause first.
Before transferring, confirm the receiving address and the chain.
A wrong address or wrong chain is usually difficult to recover from.
Web3 does not automatically protect you.
Each action still requires your own judgment.
In Web3, many mistakes do not happen because people are not smart enough. They happen because action comes too quickly.
Giving yourself a few seconds is often more useful than any tool.
Think one step further before common actions
Different situations carry slightly different forms of risk.
I checked the receiving address and the chain one more time
I know whether this asset is supported on the destination chain
I am not doing this because of urgency or pressure
If the amount is larger, I am willing to test with a small transfer first
I know what this application is and where it came from
I understand the approval scope instead of clicking confirm immediately
I did not skip checking just because it looked normal
If I am unsure, I am willing to pause first
I confirmed whether the source of this campaign is trustworthy
I did not lower my standards just because it looked free
I understand what actions are required instead of clicking directly
If approval or signing is required, I understand what it is for
Common patterns
Fake websites
Description
The interface looks almost identical to the official one, but the URL or entry point is not correct.
Why to notice
You may think you are using the normal site, while actually authorizing or giving information to a third party. Many problems begin in situations that seem harmless at first glance.
Fake airdrops
Description
A page uses rewards, an airdrop, or a limited-time opportunity to lead you into connecting a wallet or taking an action.
Why to notice
These pages often rely on time pressure and curiosity to trigger fast clicks and approvals. Once action becomes too quick, key details are easy to miss.
Wrong-chain transfers
Description
Assets are sent to an unsupported chain or to an address format that does not match the intended network.
Why to notice
Blockchain transactions are usually irreversible. Even a chain mismatch or address-format mistake may mean the assets cannot be recovered.
Malicious approvals
Description
An application is approved to use your assets before you fully understand what it is requesting.
Why to notice
Some approvals allow long-term or broad access to assets. The effect may not appear immediately. It can surface later when that approval is used.