The SlowMist security team published an article to expose a new type of cryptocurrency scam. The scam uses the remote procedure call (RPC) function of the Ethereum node to defraud funds.
The specific malicious process of the scammers is as follows: induce users to download the imToken wallet and use 1 USDT and a small amount of ETH as bait to gain the trust of users. Then, the scammer guides the user to change the RPC URL of their ETH to a node controlled by the scammer, which uses Tenderly's Fork function to falsify the user's USDT balance. After seeing the wrong balance, the user may try to transfer the money, and the scammer has disappeared at this time.
According to SlowMist Technology, this type of scam takes advantage of the user's trust and negligence, resulting in asset losses. The SlowMist security team reminds users to be vigilant when trading and avoid using untrusted RPC nodes.