BCCN3

View Original

Top 10 Anti Phishing Extensions

On January 28th, Azuki's Twitter account was hacked, resulting in their followers being directed to a phishing link, leading to the theft of over 122 NFTs worth over $780,000. Only 2 days ago, Moonbirds NFT project founder Kevin Rose had his wallet drained, with approximately 40 NFTs stolen, resulting in a loss of over $2 million. The phishing technique used was simple and effective, where a signature alone is enough to have assets fished away on OpenSea's authorized assets. 

It seems to go without saying that everyone is at risk of being phished, even the founders of top projects. Here is a list of anti-phishing extensions that you should consider saving in your bookmarks.

PeckShieldAlert

PeckShieldAlert, a product of the PeckShield team, holds the top spot with over 50,000 installations and available in both Chinese and English. The website shows that it has collected 1,286,478 malicious addresses and 90,931 phishing websites and is continuously updated. Currently, it only supports two chains, ETH and BSC.

It includes functions such as token contract monitoring, wallet authorization management, active defense against fraudulent tokens, active defense against phishing threats, trusted domain detection, and malicious plugin detection to prevent phishing websites.

Pocket Universe

With over 20,000 installations, Pocket Universe is available on Firefox, Microsoft Edge, and Google Chrome, and is only applicable to the Ethereum mainnet. It claims to have partnerships with Metamask and Coinbase wallets. It includes functions such as monitoring malicious Seaport transactions, Honeypot NFTs, and phishing websites.

Pocket Universe does not require linking to the wallet; it also verifies transaction security by simulating transactions, which slightly affects the transaction speed, but no more than 1 second.

Revoke.cash

With over 10,000 installations available in both Chinese and English, Revoke.cash is suitable for all EVM-based chains such as Ethereum, Polygon, and Avalanche. Itis available on Firefox, Microsoft Edge, and Google Chrome.

It includes functions such as a warnings for non-whitelisted NFT trading sites and phishing sites, and authorization revocation.

Fire

With over 10,000 installations, Fire is compatible with the Ethereum mainnet and Polygon, and is compatible with any Ethereum wallet such as MetaMask and Coinbase.

It monitors and scans ERC-20, ERC-721, and ERC-1155 transactions made by users to verify their safety.

Wallet Guard

With over 6k installations, it is an incubation of Binance Labs.

Wallt Guard blocks access to recently created and low-trust websites, automatically disables malicious extension applications, and monitors and blocks access to phishing websites.

MetaDock

With over 3k installations, MetaDock’s code is open source and is a product of the security company BlockSec team.

It supports BTC, ETH, BSC, Polygon, Fantom, Arbitrum, Cronos, Avalanche, Optimism, Moonbeam public chains, and Opensea. 

MetaDock can view the flow of funds to addresses, monitor NFT collection risks, and interact with products such as Debank and NFTGo.

Blockem

Blockem utilizes AI algorithms to simulate transactions and score addresses. An interesting approach.

Metashield

Less than 1000 installations, Metashield’s code is open source, and is the first project incubated by BuidlerDAO.

It identifies ‘approve’ and ‘send’ transactions, and helps users to warn and intercept phishing websites through black and white lists and checking the status of authorized addresses. No need to connect a wallet or authorize.

Stelo

Installed less than 1000 times, Stelo is also open source, suitable for any Chromium-based browser.

Stelo pauses the transaction requests sent to Metamask by wrapping the window.ethereum Javascript object injected into the page by Metamask. Once the user approves the transaction in Stelo, it will resume the Metamask request. If the user rejects it, it will cancel the request.

Scam Sniffer

Installed less than 1000 times, Scam Sniffer is another open source project. Features include Detector API, which monitors malicious behaviors such as transferring user assets and requesting authorization, and simulated transactions.

Although all these products have done a great job, they still cannot 100% prevent the loss of coins and NFTs. Any product, article, or reminder is only an auxiliary, and building one's own security awareness is the only way to avoid losing assets.