A cryptocurrency user lost $908,551 in a phishing scam that unfolded 458 days after he unwittingly signed a malicious approval transaction. The initial scam began with an ERC-20 approval transaction, likely executed through a phishing website, granting a scammer's wallet access to the victim's funds. The theft occurred on August 2, following a significant change in the victim's wallet activity. On July 2, the victim deposited $762,397, followed shortly by another deposit of $146,154. This increased balance prompted the scammer, linked to a known fraudulent wallet, to drain the wallet in a single transaction after patiently monitoring it for a month. This incident highlights the risks associated with delayed phishing attacks where scammers wait for optimal conditions. Experts advise Ethereum users to routinely review and revoke old token approvals to safeguard their funds.

Source đź”—