In a stark warning to the crypto community, 23pds, the Chief Information Security Officer (CISO) at blockchain security firm SlowMist, has raised the alarm about a growing phishing campaign that targets users by impersonating YZi Labs.
Fraudulent websites are being crafted to mirror the official YZi Labs platform, exploiting the trust associated with the project to deceive users into handing over sensitive information or granting access to their digital wallets.
These fake platforms are designed with a high degree of sophistication, mimicking real interfaces and offering fake “claim” events to lure unsuspecting users.
The emergence of such tactics highlights the escalating threat of cybercrime in the crypto space, particularly as bad actors continue to evolve their methods.
Phishing Scams Exploit Airdrop Hype to Steal Digital Assets
The core of the scam centers on misleading “claim” events, commonly promoted in the crypto world to distribute tokens through airdrops or rewards.
Users who fall for the scheme are prompted to connect their wallets or input personal credentials on what appears to be a legitimate website.
In doing so, they unwittingly authorize malicious smart contracts that can drain their funds or compromise their security.
While SlowMist has not disclosed the number of victims or exact losses, online activity and internal intelligence suggest that the scam is spreading rapidly.
The firm has urged users to double-check URLs, avoid unverified platforms, and stay informed through trusted security sources.
Also Read: SlowMist’s Founder Warns, Without 2FA, Privy-Based Wallets Are At Risk Of Losing All Assets
Public Call for Action Targets Industry Leaders to Strengthen Security Awareness
To draw wider attention to the growing threat, 23pds took to the X platform to tag major industry figures, including Binance co-founder CZ and investor Ella Zhang, as well as the official YZi Labs team.
The strategic move is intended to amplify awareness and drive collective action across the Web3 ecosystem.
His post emphasized that the scam is “catching on,” pointing to the wide reach and impact it’s already having.
By calling on prominent voices and stakeholders in the industry, 23pds is rallying for a united front against phishing campaigns, advocating for stronger coordination between security experts, platform operators, and project developers.
Surge in Phishing Incidents Spurs Cybersecurity Collaboration and Tech Innovation
The fraudulent use of YZi Labs’ name comes amid a broader trend of increasingly aggressive cyber threats in the Web3 space.
In an earlier update, SlowMist has partnered with DeFiHackLabs and ScamSniffer to launch a proactive anti-phishing platform, designed to educate and protect users from such scams.
The collaboration aims to provide real-time alerts, scam detection tools, and user-friendly guidance on how to navigate safely in a decentralized digital landscape.
The development follows other urgent alerts from SlowMist, including the $8.45 million exploit of Zoth’s smart contract and a warning about hijacked Chrome extensions redirecting user traffic.
These events serve as a powerful reminder of the critical need for continuous innovation in cybersecurity tools and greater awareness among crypto participants.
Also Read: SlowMist Warns of Phishing Threats by Scammers Disguised as Zoom Meeting Links