A Sample Lesson From Secure Airdrop Hunter.
Learning to identify fake URLs is a key skill to avoid getting hacked in Web3.
Here are the sneaky ways that scammers try to trick you:
(Feel free to bookmark this page)
In the case of Taiko, the URL for the bridge would have been either:
But in this case, the google result displayed taikobridge(.)xyz, which is a completely different domain.
Hackers would try to trick you into thinking that the domain with a hyphen is the same as the actual site.
However, they are 2 completely different domains.
For example, this scam used the domain receive-layerzero(.)network which looks very similar to the official site: https://layerzero.network/
Another example is LightLink, where the official URL is https://lightlink.io/. Meanwhile, this tweet is redirecting to a fake link: LL-lightlink(.)com
Recently, Symbiotic’s Twitter account was hacked and they led users to the domain community-symbiotic(.)fi