[Challenge Submission] <"Free Airdrop" Token Trap> #1
Description
📌 Challenge Overview
Challenge Title:
"Free Airdrop" Token Trap
Difficulty Level:
- Beginner
- Intermediate
- Advanced
Description / Scenario:
The user visits a fake "airdrop claim" site promoted via social media. The site promises free tokens for connecting a wallet and clicking "Claim Airdrop." However, the claim action triggers a malicious contract call requesting unlimited token approvals.
Learning Objective:
Learn to identify suspicious token claim pages, verify token approval requests before signing, and always double-check URLs and contract interactions.
Phishing Technique Used:
-
Approval bait using a fake airdrop dApp
-
Fake token claim with misleading transaction purpose
-
Uses common web3 wallet prompts to build trust (e.g., mimicking real claim flows)
📸 Screenshots / Demo
🪙 Reward Wallet Address (USDT - ERC20 Polygon/Arbitrum)
(Required if accepted for the 30 USDT reward)
0x2B602d2f559a0bADf4D5956D03f2b330fBC2e9F9
✅ By submitting this challenge, I agree to open-source it under the project's license and allow the Unphishable team to modify or improve it for consistency.