Main Takeaways
When the market stirs, so too do scammers and attackers. Their efforts can be surprisingly effective, even against experienced users. HashDit Extension is a complimentary, open-source Web3 security tool designed to shield you from a variety of cyber threats and phishing scams.The HashDit Extension is available in the Chrome Web Store now: https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi.
How Does The HashDit Extension Protect You?
The HashDit Extension is designed to serve as an extra layer of protection when interacting with websites that involve digital assets.
It works by sitting in between websites and extension-based wallets like TrustWallet and MetaMask, analyzing transactions, identifying risk factors, and alerting you to potential threats. This approach employs a multi-layered defense mechanism to safeguard your online interactions.
Let's take an example of a mining website that seems normal at first glance. Without HashDit’s protection, this is what you see:

However, here’s a view of the SAME phishing website with HashDit protecting you:

Workflow:
Here’s a visual of how our multi-layered defense mechanism keeps you safe.

Layer1: Real-time Scanning (Phishing) Before Connecting to the Website
The HashDit extension proactively identifies new risky websites and alerts you of any phishing or scam websites before interacting with them, thereby preventing any accidental divulgence of your sensitive information or funds. 
Potential wallet drainers can connect and clean out your wallet before you even realize it. The HashDit Extension patrols your wallet perpetually, identifying potential threats before they can connect to your wallet.

Layer2: Well-Rounded Detection Before Completing Transactions & Signatures
The HashDit Extension combines the website, transaction, contract and receipt address information in order to compile a well-rounded detection. This detection is then complemented with an analysis of the threat by generating warnings about risky transactions or suspicious signatures. 
Thus, the HashDit Extension ensures that you are aware of potential harm before proceeding with any transaction.

The HashDit Extension Pop Up - A Deep Dive
Not all users are familiar with transactions and signatures, especially new users to the crypto. Often, Web3 phishing websites entice users to participate in high-return projects. 
However, when users connect their wallets and click the receive button, the website asks users to approve unlimited USDT to an EOA (Externally Owned Account) address. This “approval” process is an ERC20 standard - a method of allowing any other address to withdraw funds from the owner without further permissions until the specified limit.
This means that this EOA address can empty the user's wallet at any time. This is one of the most common phishing methods, and our transaction detection will detect this risk and promptly warn users. 
Example 1:

Example 1: Function name and dApp URL risk analysis

Example 1: Contract risk analysis

Example 1: Function detail

Example 1: Involved risk addresses highlight in function detail

Example 1: Overall risks

Example 2: 
An attacker creates a vanity address that is very similar to the victim's address.
They then send very small amounts of cryptocurrency to the victim's address, hoping when victims see a transaction for a token they typically interact with in their transaction history, victims might copy the recipient address (thinking it is their own) and then send funds to that address. This is also called Address Poisoning. 

Example 2: Transfer value and recipient risk analysis

Example 2: Overall risks
HashDit’s Extension goes beyond just warning users. It provides easy-to-understand insights into transactions and signatures, increasing users’ knowledge and awareness. This is especially helpful for newcomers in the crypto world who are at risk of being exploited by scammers.                            

While maintaining your safety is important, maintaining your data privacy is equally important and is one of our primary concerns. The HashDit Extension has been engineered to never access your seed phrase or private key. We cannot, and will not ever, access your wallet directly. We aim to give you peace of mind and secure browsing in one single package.
Currently, HashDit Extension supports Ethereum and BNB Chain, with plans to include more chains like Polygon and opBNB in the near future.
Type of Risk Detected by the HashDit Extension

HashDit - A Background
HashDit is a Web3 Security Firm focused on providing a safe ecosystem for both protocol users and smart contract developers on BNB Chain. 
Our Goals:
Our central objective is to furnish crucial threat intelligence to empower everyday DeFi investors in making well-informed decisions. Navigating this intricate DeFi landscape poses challenges even for seasoned investors, let alone newcomers. HashDit aims to bridge this knowledge gap by offering timely and comprehensive threat intelligence on DeFi projects.
Our Partners:
HashDit's API integration extends its influence to numerous prominent applications, anchoring active measures to safeguard users from the clutches of fraudulent activities.
PancakeSwap: This leading DEX on the BNBChain, with a substantial $1.3 billion in TVL, seamlessly incorporates HashDit's solution. Automated scans of tokens within the PancakeSwap framework offer users discernible risk scores. This feature empowers users with real-time insights into potential transactional risks, bolstering informed decision-making amid their DeFi interactions.
TrustWallet: HashDit's API takes center stage within TrustWallet, an industry vanguard Web3 Wallet. Serving as a protective layer within the user experience, HashDit's threat intelligence suite preempts elevated risks by promptly notifying users before they connect to the dApp or execute transactions. This proactive approach ensures users operate with heightened vigilance, fortifying their engagement within the dynamic DeFi landscape.
BSCscan: A prime example of HashDit's impact unfolds through its collaboration with blockchain explorers, most notably BSCscan. Integrating risk alerts within the explorer's interface bolsters user prudence and caution. Users are empowered to tread warily when engaging with projects or addresses displaying suspicious or high-risk attributes. This measured approach fosters an environment of cautious exploration, preventing undue exposure to potential risks.
Disclaimer
Although the HashDit Extension can scan and detect a large number of threats, one should never solely rely on a single app to ensure personal security. Your most crucial defense is your personal digital and crypto security knowledge. Secure your assets by applying as many security and crypto best practices as possible. #DYOR

Always do your due diligence before interacting with any site claiming to allow you to generate passive/active income easily. We have seen an increase in interaction with a phishing site ‘defiminingfarm’.
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site is set up to look like a mining platform active globally. They falsely claim to be partnered with sites like CMC,coinGecko etc.The site automatically requests a wallet connection as soon as the page is loaded.You are required to ‘activate the account’ to start, by clicking ‘Earn Eth’ and ‘confirm’.This calls an approve function to an EOA that gives them access to all your funds.The scammer then calls a transfer which will lead to a loss of all funds in your wallet. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

A new website “mtcfund.io” has been seeing a rise in interactions. 
Our Advice: Stay Away! It seems to be a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
Concerning Facts: 
The website is poorly designed and none of the links actually work.They provide no information about the team or any documentation projectwise.
Red Flags:
To sign up you need to have a referral and if you do not you need to get one via telegram.To sign up you need to interact with their contract, which calls a registration function. The function is unclear as the contract is unverified and unpublished. Once you sign up, you see that the actual returns from staking are very low.To earn income you need to buy into a package and be part of a multi level program.You are required to build up a team via referrals and each level requires at least 5 referrals of the previous level eg: Platinum level requires 5 F1 golds.They offer multiple incomes from:A global money pool30-40% from a registration pool 20-30% from a 1 million locked token,$50k worth NFT.The scheme seems to be based on new members joining up continuously and will fall apart once this stops. 
This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team noticed a site “zedxion.site” aiming to phish users by claiming to be a presale fan token of ‘Chiliz Labs’.
Our Advice: Stay Away! It’s a phishing scam!!!  Scam Contract [BSCScan]: 0x2a68Ef2850300e42dC2E7733a489C6f1aFFc3d1AWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #Presale #memecoin🚀🚀🚀
RED Flags: 
The site is badly set up, to look like a presale of a new token. The favicon and imagery on the site refers to another coin. Clicking the ‘Claim 240000 CHILIZ’ triggers the wallet connection and requires you use the BNB chain to transact.This automatically triggers the transaction calling a ‘buy’ function.The result of the transaction is a worthless toke and a waste of your funds.Clicking ‘Swap’ leads to the page “https://zedxion[.]site/swap/” which resembles low cost cross chain swap sites that phish users.It calls the ‘Sending BNB’ function and transfers out your funds.Beware rushing to claim presales and airdrops of tokens without doing your research!

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

HashDit team noticed that a few new websites “spccoin.in”,”spctoken.in” have been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀🚀
Concerning Facts: 
They claim to be a token designed to offer various payment services for SPC ecosystem projects.They claim to provide two platforms to earn unlimited amounts.
Red Flags:
To sign up you need to pay an activation fee [10 - 50 usdt].Once you sign up they promise you multiple sources of income.Direct Income: 5-10% your direct referrals activation fee.Level Income: requires a minimum of a 30, upto 50 usdt activation.They also promise a direct sponsor bonus of 10% with upto 16 levels of referral.They round it off, they promise a staking bonus of .30% - .60%.This scheme is built up around referring new members and having them purchase memberships.As soon as members stop joining or existing members stop funding the scheme it will fall apart. 
This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

Always do your due diligence before interacting with sites claiming to offer airdrops of new tokens. We recently received a report regarding “base-brett.xyz” claiming to be the original and then actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #TrendingTopic #ETH #memecoin🚀🚀🚀
How this phish works:
The site is set up to look like the original and offers tokens presale/airdrops. Clicking on the claim rewards button launches a connect wallet dialogue.The site then asks to sign an approval with the spender being a contract. The scammer then makes a ‘multicall’ to the contract resulting in a transfer from function from the victims address to the destination address(es) dictated by the scammer. This then leads to a loss of all tokens in the victim's wallet. 
Contract: https://etherscan.io/address/0x0f2fcdb446FB157A684F51a970Dd88CEf6430B71
Eg tx : https://etherscan.io/tx/0xadf9684612d3dd0b3aaaedb9dd470076fc47437dff954333991c81b7d19d81b6

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team noticed a series of fake sites “allocation-hamster.com”,”ciaim-hamsterkombat.com”, “claimhamster.pages.dev” aiming to phish users by targeting a new popular project “Hamster Kombat”. 
Our Advice: Stay Away! It’s a phishing scam!!!  Actual Social Media Links:Website: hamsterkombat.ioTwitter/X: @hamster_kombatTelegram: t.me/hamster_kombatWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀🚀
RED Flags: 
The sites copy the layout of the original website but change key parts to deceive the user.Another trick to be wary of is that the url ‘allocation-hamster.com’ redirects you to ‘allocation-hamsterkombat.com” without a redirect dialogue/notification. The Play Now button is changed to Claim Now / Claim Token.Clicking on the button triggers the wallet connection dialogue and an automatic triggering of the transaction.This aims to drain your wallet by using functions like ‘sending BNB’ to withdraw your funds. The site ‘ciaim-hamsterkombat.com’ also implements a wallet check mechanism to deny low value wallets from interacting, asking them to top up first.Once topped up the scammer would then drain the entire balance leaving you with nothing.
Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

TLDR: Beware sites claiming to be airdrops of new tokens. We recently received a report regarding “basedbrett.claims” and “scotty-theai-io.web.app” offering airdrops and claims but actually stealing user funds.  
Our Advice: Stay Away! These are Phishing websites meant to deprive you of your funds. Fake Contract[BscScan]: 0x0000d169F98E078B60bFb09A69D145e72dBE0000Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀
How this phish works:
The sites are set up to resemble the original, with a similar name and layout. Once the page loads they either automatically call the wallet connection dialogue or have you click to connect your wallet. Once you connect they call a function CLAIM.The idea is to make the user believe that they are claiming a token.However if you observe the amount deducted, it's the entire wallet balance.If you try to cancel the transaction, the site automatically retries the transaction to get the user to confirm it. Closing the page and then rejecting the transaction is the only way to stop the dialogue.The contract is unverified and any transactions will only lead to a loss of user funds.Always #DYOR before transacting on any site.

TLDR: Token impersonations of popular and fast climbing projects are on the rise and we have seen a contract impersonating the recently launched Notcoin and using social media apps to trick users into buying it via pancakeswap. 
Fake Token(Notcoin - BSCSCAN): 0xc71f74b62d827638513d4eb90021527eed2c622c
/ 0x6f24daa874e65ab70b25bbb4f1fe8f4398ab893a
Our Advice: It's a Scam! Always DYOR. This contract will steal your funds. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Token Info:Binance launched Notcoin for trade on 2024-05-16. Please do your own research to ensure safety of your funds!Token Address: EQAvlWFDxGF2lXm67y4yzC17wYKD9A0guwPkMs1gOsM__NOTProject Website:Website: ‘https://notco.in’Twitter/X: @thenotcoin
#TrendingTopic #PancakeSwap #BTC #ETH #memecoin🚀🚀🚀

How these scams usually work: 
Popular platforms usually post information about projects with an upcoming presale/going live.Scammers view these posts and use social media apps to create fake support groups, impersonating the company and try to use fake websites/contract addresses to trick users. Once you have connected to the site or decide to transfer to the contract, the scammers try to get you to place or approve increasingly large orders or ask you to send funds to an address post which they will send you tokens.Once the user has confirmed the transaction, the funds will never be seen again.
Always do your own research! If it looks too good to be true, it probably isn't!

Red Flags: 
Beware being added to any support groups promoting or offering you investment advice or fast profits!! Contracts that are usually unverified/unpublished,to hide their functions. 
Case Of the Day: Exploiting FOMO
Binance posted an article introducing Notcoin (NOT) on the Binance Launchpool!.Scammers referenced the article and convinced users via a popular social media app, that they could purchase via Pancakeswap using their Binance Web3 wallets for a profit.Post launch we still see users getting scammed via fake tokens. Always Interacting with this contract resulted in users losing their hard earned funds to a scammer. 

TLDR: Beware sites claiming to offer low cost cross chain swaps. We recently received a report regarding “cremepieswap.site” but it's actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds. It works by calling a new deceptive function disperseEther.Fake Contract[Polygonscan]: 0xb0d3FFF0946990508a7Ca5A156324b1f3e2a3c3fKeep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site claims to be a cross chain swap site and is similar in layout/pattern to other fake swap sites. Connecting your wallet to the website requires you to manually change the chain in your wallet first. Post this the site throws up a couple of toast notifications saying you can now swap.Swapping leads to a function disperseEther being called which leads to the wallet being drained. Reviewing the contract shows that it is an unverified contract. Always be wary of such contracts.#DYOR before transacting on any site.

TLDR: Beware sites claiming to offer airdrops of new tokens. We recently received a report regarding “connect-solanatokens-secure01c.com” claiming to offer airdrops but actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via swap phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site claims to be an airdrop site offering tokens presale/airdrops. Connecting your wallet to the website leads to it calling a swapEthForExactTokens function.This works by using swap providers like SushiSwap to swap your selected wallet token to as many output tokens as possible, determined by the path before sending the final token to the scammer's address.  A twist to this method is the scammer can set up the structure to route funds to a brand new address each time a transaction is called.A swap like this where the final destination doesn't match the sender is risky. Always examine your transactions before confirming. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

TLDR: A new website “newunity.io”,”app.newunity.io” has been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #ETH #BSC #Memecoins #hashdit
Concerning Facts: 
They claim to be “A private crowdfunding community united for change powered by blockchain technology”They claim to be “Founded on the principles of transparency, security, and inclusivity”
Red Flags:
When joining you require a referral and have to pay a $40 contribution per entry.Post Joining they mention multiple ways to earn:Fast start Donation: $5 everytime your referral contributes an entry.Unilevel builds: .50$ upto 10 levels of your referrals.Global build: 1.25$ upto 10 levels.They claim that you can make $10k+ just from the unilevel build as each level has unlimited referrals options.They claim you can make 25k+ from the global build as it is a dual matrix build.  They claim that you can also earn an additional 25K+ from your referral's global build. They also have a 10% deduction to automatically contribute to new entries.This scheme is guaranteed to fail as soon as new members stop joining or existing members stop funding the scheme. 
This has all the hallmarks of a scam promising very high returns but never actually providing any. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

TLDR: A new website “panthers.live” or ”usdt.panthers.live” has been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #ETH #BTC #PancakeSwap
Concerning Facts: They claim to be “the foremost networking platform globally”They also claim to provide “unparalleled security and efficiency for users worldwide”.The entire website is generic content about blockchains and cryptocurrency. 
Red Flags:
To join you are required to pay 10-80 USDT as a starter fee under their L1matrix.They claim that there is an automatic activation of levels and the next level’s cost is automatically deducted. The cost of the next level is double the previous level. Post Joining they mention multiple ways to earn:40% Direct sponsor bonus.55% Level Sponsor bonus2% Leadership CLub bonus 3% Royalty incomeThey also claim that you make both active and passive income. However all the above requires you to build at least a 10 level team. They also have an L2 Matrix that charges 10-164k USD to start. This follows the standard 2 referral downline pattern promising 20-50%This scheme is guaranteed to fail as soon as new members stop joining. 
This has all the hallmarks of a scam promising very high returns but never actually delivering any. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team has detected a trading/mining site “ertudite.com” engaged in a pig butchering scam. 

Our Advice: Stay Away! It’s definitely a scam!!! We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

#TrendingTopic #BTC #ETH #Memecoins
Concerning Facts: 
The site claims that its “full range of products help you play with web3 encryption currency”The website name doesn't match its URL and was recently created. The reviews listed on the main page are all fake.They claim to be partners of Metamask/Trust Wallet and many other famous companies.They offer AI/Quantitative trading options to entice users into investing funds.
Red Flags:
If you interact with the contracts on their pages, it creates an off chain signature request[a permit request]. This signature can be used later to deprive you of your assets.The spender in this request is an Externally Owned Account.Spender: 0x4dac76e68e71250bb982b292ee30968575fbe4c9 [Etherscan]Reviewing the transaction history of the spender we can see a large number of permit calls authorizing the address to spend USDC.The trick used by the scammer here is that the scammer employs multiple wallets to send minor amounts of funds to the victims wallet simulating profits generated. This entices the victim to add/spend more funds leading to huge losses for them.The loss is only realized once large amounts have been spent in “trading” or more accurately, stolen by the scammer. 

E.g.: https://etherscan.io/tx/0xdfb311735c3855d8ba0b007d472f8c22b04731eddbe77cd2cb7aca13cd64481b0x4DaC76e68e71250bb982B292ee30968575fbE4C9 is authorized to spend 100 trillion USDC until the deadline of 2,625,150,269,000.

Some examples of the scammers supportive Wallets: 0x3d3ba959ae229b2a1992925c0c5e2309e51fc474,0x1eA195af7903D295Fa4F2Cc9dEA43424D5a24F17
Hashdit Warning:

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

HashDit team noticed a new fake sites aiming to phish users being sent in unofficial social media groups ”babycatwifhat-token.pages.dev”, “pinksale.pages.dev”, “app.computingsmartweb.com”. 
Our Advice: Stay Away! It’s a phishing scam!!! The unique angle here is that this was a two part scam:The main aim was to get users on to the pinksale phishing page, to drain their funds.If they had any issues they were to connect to the “computingsmartweb” site which would require them to then provide their 12/24 word passphrase, resulting in them losing their wallet. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Social Media Links:Website: babycatwifhat[.]memeTwitter/X: @babycatwifsolTelegram: @BabyCatWifSolUpdates to be Aware Of: Official Launch Is Set For Friday, April 12th, 5 PM UTC. 
#TrendingTopic #MemeCoinsSeason #Memecoins #SOL #Solana⁩
RED Flags: 
The social media group is an unofficial group.An admin pasted a Call to Action message with the fake project and fake Pinksale website, both having the “pages.dev” domain. The site “babycatwifhat-token.pages.dev” is a replica of the main site with none of its links working. The Pinksale replica page asks you to connect your wallet and clicking any of the buttons on the page turns them into “Claim” buttons. If you have low wallet balance, you will see the error message “No transaction fee”If you face any issues and attempt to rectify it via“app.computingsmartweb.com” you will be asked to enter your secret phrase, resulting in the loss of your wallet funds. 

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

HashDit team has been seeing an increase in phishing content this year and a new one that seems to be trending recently is “mavia.builders”. 

Our Advice: Stay Away!! It’s a phishing website that will result in a loss of funds for you. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

Actual Social Media Links:Website: mavia.comTwitter/X: @MaviaGameUpdates to be Aware Of: Mavia’s Ruby Marketplace release On May 5th! Don't fall prey to early release profit scams.
#TrendingTopic #BTC #ETH #MemeCoinsSeason #Memecoins
RED Flags: 
The site promotes a fake airdrop by Mavia.Content on the site is not clickable.Clicking anywhere leads to a “connect wallet” dialogue opening up that is entirely different from the actual site.Once you connect your wallet, unless you have a large amount of funds in the wallet you will receive a “Not Eligible” message.This trick is commonly employed by phishing websites to get you to connect wallets with large amounts of funds in order to completely drain them. The website is only 5 days old, being created on 2024-04-06All registrar details have been hidden with privacy protection services. 

Always #DYOR! And before confirming any transactions always double check the actual details!!!

HashDit team has observed a website ”catino-app.pages.dev” being populated via social media groups.
Our Advice: It's a Phishing Scam! Stay Away! Its designed steal your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin⁠⁠⁠⁠ #MemeCoinsBullRun
Red Flags:
The site url is “catino-app.pages.dev” , a hosted site. Recently there has been a trend of phishing sites being created via pages.dev. The social media links do not work. Clicking anywhere on the page leads to a wallet connection dialogue popping up. You are required to connect a solana wallet and then claim tokens, leading to a loss of funds.@CatinoWorld is the actual Catino art creator and tweeted that the Catino crypto is not his and is fake - https://twitter.com/CatinoWorld/status/1774632986006200621

It can never be stressed enough: Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

Token impersonations of popular and fast climbing projects are on the rise and we have seen a contract impersonating the yet unlaunched SAGA token and using social media apps to trick users into buying it via PancakeSwap. 
Fake Token(SAGA - BSCSCAN): 0x4e9E700947F1E7AcB3b45Fa0E28E1AC97A26D586
Our Advice: It's a Scam! Always DYOR. This contract will steal your funds. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Token Info:Binance will be the first platform to list SAGA, with trade starting at 2024-04-09 08:00 (UTC). Any claims to offer this token for sale before the stated timeline are false advertising. Please do your own research to ensure safety of your funds!Project Website:Website: ‘http://saga.xyz’Twitter/X: @Sagaxyz__
How these scams usually work: 
Popular platforms usually post information about projects with an upcoming presale/going live.Scammers view these posts and use social media apps to create fake support groups, impersonating the company and try to use fake websites/contract addresses to trick users. Once you have connected to the site or decide to transfer to the contract, the scammers try to get you to place or approve increasingly large orders or ask you to send funds to an address post which they will send you tokens.Once the user has confirmed the transaction, the funds will never be seen again.
Always do your own research! If it looks too good to be true, it probably isn't!
Red Flags: 
Beware being added to any support groups promoting or offering you investment advice or fast profits!! Contracts that are usually unverified/unpublished,to hide their functions. 
Case Of the Day: Exploiting FOMO
Binance posted an article introducing Saga (SAGA) on the Binance Launchpool!.Scammers referenced the article and convinced users via a popular social media app, that they could purchase it prior to the Binance listing.The fake contract address was shared and profit expectations were generated.They were also instructed to purchase via PancakeSwap using their Binance Web3 wallets.Interacting with this contract resulted in users losing their hard earned funds to a scammer. 
#TrendingTopic #BTC #SAGALAUNCHPOOL #SAGA #ETH

We received a report of someone losing over 2000$ to: “blockchainbbank.com”
Our Advice: It's a Scam! Stay Away! This is a well designed ponzi created to steal your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #Memecoins #Web3
Concerning Facts: 
They claim to be “a decentralized bank built by the global community” and have “a PoS (Proof-of-Stake) mechanism is employed to reward participants”.They claim to be “a new ecological platform on the parallel universe, the first decentralized comprehensive financial platform globally empowered.”Social Media links on the site just lead to the main sites and are not links to the project.
Red Flags:
The site requires you first purchase a plan (Regular/Open) by paying in BNB or USDT.They promise an income of 182.5% ~ 279% with a daily rate of upto 3%. They claim you can start staking with 1 USDT however when you try it requires 10 USDTThe project requires you to pay 10% in “devs fees”.They claim that you can withdraw anytime, however they have a withdrawal fee of 10% for any day except Sunday. They say they have a “reward program”, requiring you to create a team from referrals.They promise 20% from each level 1 referral staking and 3% profit reward for each level1 referral profit amount. However unless you stake yourself you cannot receive referral earnings.There are 5 levels that the user can upgrade to based on staked amounts 40-5000 USDT.
Associated Contract:0x30e97b0b8d27009A061Dc81E8c3E14C796dd7b78The contract contains a backdoor function which could lead to losses for participants(usually rugpull risks).
This has all the hallmarks of a scam promising high returns but never actually providing any. Income generation seems to be via referring new members and having them stake funds. The scheme will fall flat as soon as incoming members dry up.

It can never be stressed enough: Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!