Okay another semi basic aspect of crypo I am not understanding. But I really wanna keep learning abt how these scams work so I don’t fall for em and can help other people.
Reading all these scams of people having their wallets drained. But on sol you gotta sign all your transactions. So for people to get scammed this way they gotta go to a sketch site and sign a transactions on their wallet? Do the malicious transactions mask what they’re actually doing or do people not read / pay attention?
And then other people have mentioned sometimes they just click on a link and that’s it (implying they don’t sign any transactions) . Is this possible or are they lying / not understanding what they did.
I assumed you have to kinda do a lot to get scammed on a hot wallet. Go to a sketchy site, AND connect your wallet and approve a transaction.
Bonus question, if u had have ur wallet only connected on one chrome profile and the clicked on link from another would that prevent any nefarious link from even attempting to connect to ur wallet?
Most of the time people fall for phising websites that look like the original, connect their wallet and approve a malicious transaction without paying much attention, because they trust the site they think they are on. That or they fall victim to some sort of “prize” they won that takes you to a malicious site where you have to connect and then approve a transaction that is supposed to give you your prize but doesn’t. Can’t really be masked, user should be able to see what the tx is doing on the chain before accepting.
Getting your wallet drained by just clicking a link is highly unlikely and the only scenario I could think of is a malicious javascript executing in the background and trying to find any seeds stored in plain text. But that would require it passing through browser script blockers, browser warnings, antiviruses and OS dialogs like UAC.