Article sourced from: SafePal
'Dark forest', a concept taken from The Three-Body Problem, is also the bluntest summary of the current Web3 security landscape.
The crypto industry, especially the emerging on-chain space, has ample room for imagination and innovation, but it is also like a 'dark forest'. Whether you are a long-time user or a newcomer, learning the risks you may encounter on-chain and how to avoid them is a never-ending task.
Recently, a scam targeting non-custodial wallet users has quietly become widespread. It abuses the observation wallet function (offered by wallets that support 'observation mode'), combining fabricated trust with a carefully designed chain of reasoning so that victims walk into the trap without suspicion. To ordinary users the scam may look elementary, but it is highly deceptive and destructive.
Scammers exploit novice users' unfamiliarity with decentralized technology and wallet operation processes to steal crypto assets. In this context, understanding and being vigilant about these common yet deadly security risks is particularly important. This article will analyze the operational model of this new type of scam in detail and provide users with a series of preventive tips.
What is the 'observation wallet' mode of non-custodial wallets?
As we all know, the observation wallet mode is a feature of non-custodial wallets for crypto assets, allowing users to view the balance and transaction history of a specific wallet address.
Due to the transparency of blockchain, all on-chain wallet addresses, their balances, and their transaction records are publicly visible. Users can enter any blockchain wallet address into a blockchain explorer or similar tool to view its asset balance and on-chain records, including receipts, transfers, on-chain authorizations, etc. In this process, the identity of the wallet owner remains anonymous unless they choose to disclose it.
As a non-custodial wallet, SafePal also provides observation wallet mode. For example, when setting up a wallet, users can choose to create a new wallet, restore an old wallet, or import a wallet in observation mode (see SafePal's official tutorial on importing observation wallet mode).
The image below compares the observation wallet mode and the normal wallet homepage, from which it can be seen that the observation wallet only allows balance viewing but does not have transfer or exchange operations.
When users import observation wallet mode, they only need to fill in the wallet address to conveniently view the on-chain balance and transaction history of this wallet. However, since the observation wallet does not represent actual ownership of the wallet and only provides viewing functionality, users cannot operate the assets within the wallet in observation wallet mode.
For this reason, the observation wallet mode is often used by the public to track and monitor the on-chain financial situation and trends of specific wallet addresses, such as regulatory monitoring of blockchain anti-money laundering or tracing funds from hacking incidents.
But it should be noted that users cannot perform any transfer transactions on this wallet address, nor does it equate to owning that specific wallet address. Only users who possess the private key/mnemonic phrase of the wallet address can access and manage the assets within the wallet address.
The scam discussed in this article is designed to exploit users' unfamiliarity with this background knowledge.
How does the 'observation wallet' scam work?
The core idea of this scam is that the scammer contacts the victim and manipulates them into believing they can access the funds of a wallet address (usually one holding a large amount of funds), then tells the victim that they need to perform a transaction to unlock those funds. In reality, the victim can only view the wallet balance and has no access or ownership.
Here is how the scam typically unfolds:
Scammers approach users: Scammers impersonate wallet team support staff, often contacting users through social media platforms (such as Twitter, Telegram, or Reddit) and initiating conversations by offering 'help' or 'investment' related to wallet issues. Some scammers may also post 'fake help requests' online, similar to 'I have a problem with my money here, can't withdraw it. Is there anyone who can help me withdraw it? I'm willing to pay a handsome reward.'
Publishing false messages: Scammers claim that the user's wallet needs 'verification' or 'upgrade' to access the funds inside. They often guide users to download wallet applications from the app store, making it look like they are instructing users to complete the normal wallet creation process.
Importing wallet address: Then, the scammer asks the user to import the address into the wallet in observation mode, allowing the user to see the wallet's balance, which may contain a large amount of cryptocurrency. The scammer continues to claim that the user needs to pay a Gas Fee or deposit additional cryptocurrency into the specified wallet address, which is a trick to make the user believe they need to pay a fee to unlock the funds in that wallet address.
Theft of funds: Once users send funds to the scammer's address, they will not receive any returns, and the scammer will disappear. In other cases, the scammer may continue to ask for more funds to be deposited or transferred to the wallet address under other false pretenses or promises.
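The four stages above can be turned into a rough triage heuristic for a support inbox or community moderation queue. The sketch below is an added example, not SafePal's code; the phrase patterns, weights, thresholds and sample conversations are assumptions constructed for illustration.

```python
import re

# Indicator -> (weight, pattern). Phrases and weights are assumptions made for
# this example, modelled on the four stages above; tune them on real reports.
INDICATORS = {
    "unsolicited_support": (1, r"\b(official|wallet)\s+(support|team)\b|\bsupport\s+(staff|team)\b"),
    "help_request_bait": (2, r"can'?t withdraw|handsome reward"),
    "verify_or_upgrade": (1, r"\bwallet\b.*\b(verification|verify|upgrade)\b"
                             r"|\b(verification|verify|upgrade)\b.*\bwallet\b"),
    "watch_import": (1, r"\b(observation|watch(-|\s)?only)\b.*\b(mode|wallet|address)\b"
                        r"|\bimport\b.*\baddress\b"),
    # Heaviest weight: a payment demanded to "unlock" funds is the step where
    # the victim actually loses money.
    "pay_to_unlock": (3, r"\b(unlock|unseal|release)\b.*\b(pay|deposit|send|gas fee)\b"
                         r"|\b(pay|deposit|send|gas fee)\b.*\b(unlock|unseal|release)\b"),
}

def triage(messages):
    """Return (verdict, sorted indicator names) for one conversation."""
    hits = {name for name, (_, pat) in INDICATORS.items()
            if any(re.search(pat, m, re.IGNORECASE) for m in messages)}
    score = sum(INDICATORS[name][0] for name in hits)
    # Watch-only import alone scores 1 (a normal feature); combined with a
    # pay-to-unlock demand it reaches the "likely-scam" threshold.
    verdict = "likely-scam" if score >= 4 else "review" if score >= 2 else "clear"
    return verdict, sorted(hits)

# Constructed sample conversations (not real reports).
SCAM = [
    "Hi, I'm from the official wallet support team. Your wallet needs verification.",
    "Download the app and import this address in observation mode, you will see the balance.",
    "To unlock the funds you must first pay a gas fee to this address.",
]
BAIT = ["I have a problem with my money here, can't withdraw it. Is there anyone "
        "who can help me withdraw it? I'm willing to pay a handsome reward."]
BENIGN = ["How do I add a watch-only address to track my cold wallet balance?"]

if __name__ == "__main__":
    for label, conv in (("scam", SCAM), ("bait", BAIT), ("benign", BENIGN)):
        print(label, triage(conv))
```

Keyword matching of this kind only prioritizes conversations for human review; a legitimate question about observation mode, like the last sample, stays below the threshold.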
Why is this scam effective?
This scam is effective because users often do not fully understand that due to the transparency of blockchain, all wallet addresses can be tracked and viewed on-chain. Viewing the balance of a wallet address may lead inexperienced users to mistakenly believe that this equates to accessing or owning the wallet, when in fact, it is merely viewing.
In this scam, the scammer takes advantage of the victim's lack of understanding of the observation wallet mode, while also stimulating the victim's greed or sympathy through the chat process, providing an opportunity for exploitation.
So how do you protect yourself? It's simple. If you are using SafePal or any other decentralized or non-custodial crypto wallet, be sure to pay attention to the following security tips to avoid falling into these scams:
Do not trust messages from strangers: Under normal circumstances, the wallet's official team will never contact users through social media or direct messages (DM). Any unsolicited offers of help or opportunities to make money or requests for personal information should be treated with extreme caution.
Understand observation mode and on-chain address viewing: Whether it's SafePal or another non-custodial wallet, the observation wallet mode is a feature that only allows viewing of wallet balances. It enables users to track the wallet's balance and transaction history but does not allow any transfers or withdrawals (actual access to the specified wallet address requires a private key or mnemonic phrase). Users cannot transfer funds from the wallet in observation mode, so if someone asks you to 'unlock' or 'access' the funds in observation wallet mode, there's no doubt it's a scam.
Avoid sending funds to unknown addresses: If someone asks you to send funds to an unknown address to 'unseal' your crypto assets, this is a dangerous warning signal. Scammers typically ask users to pay Gas Fees or other fees, but SafePal and most legitimate wallet platforms never require users to transfer to a specific address to unlock funds.
Only download applications from official websites: Ensure that you only download wallet applications from official app stores (like the Google Play Store or Apple App Store) and avoid downloading from unverified websites or links, as these applications may be malicious or scams.
Report suspicious activities promptly: If you encounter suspicious messages or potential scams, you are welcome to report them immediately to the wallet's official channels, which helps protect the community and prevent others from becoming victims.
Conclusion
'Not Your Key, Not Your COIN'.
This is actually one of the most brutal statements in Web3. After all, 'decentralization' and 'personal responsibility for security' are two sides of the same coin. When asset ownership is truly returned to individual control, each user is also forced to take responsibility for their own assets and step fully into the 'dark forest'.
Therefore, as on-chain scam techniques diversify, learning and understanding the principles of non-custodial and decentralized blockchain wallets, along with common scam methods, has become an indispensable survival skill for every Web3 user.
Staying vigilant and safely navigating the on-chain 'dark forest' is a compulsory course for each of us to adapt to the rules of the decentralized world.