Slowmist, a well-known blockchain security and auditing company, is paying attention to recent dangers surrounding the Web3 digital wilderness. Web3 users reportedly were scamned for over $20,000 while interacting with fake websites, which are the domains that look like Changenow websites. This loss has made it more sensitive to increased risk and refinement of phishing attacks. Proactive user education is urgently needed.
Slowmist SecurityAlert🚨
Users lost over $20,000 after visiting the fake @changenow_io site.
Are you focusing on the letter “e” in pic1?
This is a #punycode attack. This is the trick explained in the Blockchain Dark Forest Self-Guard Handbook (Photo 2).Beware of browser recommendations – pic.twitter.com/isyjo9xeft
– slowmist (@slowmist_team) May 11, 2025
Modern phishing schemes are deceived by the threat of pnicode
The suspicious scam was planned in a Panicode attack. Punycode is a website attacker’s tactic to create fake website addresses that resemble real ones. To proceed with this, they create malicious URLs using special characters from other languages. The attack tricked the victim into inserting a single letter “Cylilic E” into the address of a fake website.
This tactic is hardly noticeable to the general eye. Users lost over $20,000, considering the legal Changenow site. A complete details on this method are explained in Slowmist’s “Blockchain Dark Forest Self-Guard Handbook.” It emphasizes the need for consciousness in the rapidly evolving cryptographic landscape.
Slowmist advises to advise cross-check verification to take charge of crypto fraud
SlowMist strongly recommends that users use multi-step validation before becoming involved with the Web3 platform. It’s not enough to just rely entirely on browser suggestions. Even one project link on the official X account is unreliable. SlowMist recommends that users use platforms such as CoinMarketCap, Coingecko, and Defillama to verify the domain of their website. All of these platforms are used to list links for approved projects.
Additionally, for further protection, SlowMist recommends verifying the legitimacy of your account through follower count, account age, and verification badges. However, the platform emphasizes the need for a multi-step verification strategy to avoid fraud. The continuous evolution of phishing tactics has also strengthened the user’s defense mechanisms. SlowMist also encourages users to maintain alerts and count trustworthy websites.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
