Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
CFD
Stock CFD Derivatives
US Stocks
Access real US stocks and ETFs
HK Stocks
Trade quality Hong Kong-listed stocks
Korean Stocks
SK Hynix
Real Korean stocks and top assets
Stock Futures
High leverage, 24/7 trading
Tokenized Stocks
Backed by real stock assets
IPO Access
Unlock full access to global stock IPOs
GUSD
3.8%
Mint GUSD for Treasury RWA yields
Stocks Activities
Trade Popular Stocks and Unlock Generous Airdrops
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
IPO Access
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
$GT $SOL $LAB Community member Conan (ending in xBQt, Solana chain)
Today's share: Send 100U, empty your entire net worth? In the Web3 era, the current prevalent coin-stealing schemes and survival guide
I. Introduction: The Dark Forest of Web3
When we talk about futuristic terms like crypto, blockchain, and DeFi, we often overlook a brutal reality: this is a lawless, unregulated, no-regret dark forest. You think you are embracing digital wealth, but in fact, countless eyes are on your wallet, waiting for you to make one small mistake—scanning a QR code, clicking a link, entering a seed phrase—and then all your assets could be gone from your wallet into the scammer's pocket in seconds.
Recently, a scam called "Send 100 USDT, empty your entire net worth" has been spreading wildly in the crypto circle. The scammer only needs you to send 100 USDT, and through technical means, they can transfer all the USDT from your wallet. This sounds unbelievable, but it is real. Today, we will break down the logic behind this scam and other coin-stealing tricks you must know, to help you find a safe survival path in the dark forest of Web3.
II. Coin-Stealing Tricks Exposed: From Scanning QR Code to Being Scammed in Just 3 Seconds
2.1 QR Code Coin Theft: You Think It's a Transfer, But It's an Approval
This is the most common coin-stealing method and the core logic of "Send 100 USDT, empty your entire net worth." The scammer sends you a QR code, claiming it is a payment code for you to send 100 USDT to that address. You scan, enter the amount, click confirm, thinking the transaction is done. But in reality, you are not transferring coins; you are approving a scammer's smart contract to allow them to transfer all the USDT from your wallet.
Technical Principle: On Ethereum and its compatible chains, USDT is an ERC-20 token whose transfer mechanism relies on the "approve-spend" model. Normally, to trade on a decentralized exchange, you need to first approve the exchange's contract to spend your USDT. Scammers exploit this mechanism by creating a malicious smart contract. When you scan and confirm, you are actually approving that malicious contract to transfer all USDT from your wallet. This method is also called "Approve phishing."
Case: In May 2026, a Brazilian security researcher exposed a fake Ledger Nano S+ coin theft case. The scammer made a hardware wallet that looked almost identical to the genuine Ledger, with malicious firmware built in. When the user entered their seed phrase, the firmware sent it to the scammer's server, allowing the scammer to transfer all assets from the user's wallet.
2.2 Airdrop Coin Theft: Free Lunch Is Often the Most Expensive
Scammers disguise themselves as DeFi projects or exchanges and post ads in communities: "Free 1,000 USDT airdrop, first come first served!" inducing you to scan a QR code to claim. You think it's a free gift. After scanning and claiming, you find some USDT actually arrived. But in reality, while claiming the airdrop, you also approved a scammer's smart contract. By the time you realize, the money is gone.
Psychological Analysis: Scammers exploit human greed and the "it won't hurt to try" mentality. Who wouldn't want free USDT? Moreover, scammers often set a very short validity period, such as "today only," making you act without thinking.
2.3 Customer Service Stealing Private Keys: You Think You're Asking for Help, But It's a Trap
Scammers lurk in various communities. As soon as someone says, "My wallet can't transfer or withdraw," they jump in, claiming, "I'm a customer service rep from XX exchange; I can help you." Then they send you a fake ticket saying, "The system requires you to enter your seed phrase to verify identity and resolve the transaction issue." You think you've found a kind helper, enter your seed phrase, and the scammer gets your private key, transferring all your assets and blocking you.
Case: In September 2025, a user in a crypto community said their wallet couldn't withdraw. A self-proclaimed "customer service" private messaged them, asking them to enter their seed phrase. After the user did so, 12,580 USDT in their wallet was instantly taken—0.01 USDT was transferred first, then the scammer took the rest, leaving the wallet balance at zero.
2.4 Fake Wallets: You Think You're Downloading a Wallet, But You're Downloading a Virus
Many people search for wallet downloads on search engines, e.g., "TP wallet download" or "MetaMask download." But what you don't know is that the top search results are often fake apps made by scammers. You download and install, deposit assets, and lose control completely—your money is gone forever.
Case: In April 2026, a fake Ledger Live app appeared on the Apple App Store. Within a week, more than 50 users were scammed, losing a total of up to $9.5 million. The fake app's interface looked almost identical to the genuine Ledger Live. When users entered their seed phrase, it was sent to the scammer's server, allowing the scammer to transfer all assets.
2.5 Hardware Wallet Scams: You Think You're Buying Security, But You're Buying a Time Bomb
Hardware wallets should be the safest asset guardians, but now scammers have set their sights on them. Those ultra-cheap hardware wallets you see on Pinduoduo or JD.com are often refurbished second-hand units that have been tampered with. After you buy one and store large assets, the scammer steals them, closes the shop, and opens a new one under a different name.
Case: In February 2026, an investor received a fake Ledger email saying their hardware wallet needed a firmware update or their assets would be at risk. The investor clicked the link in the email and entered their seed phrase. In an instant, $2.84 million was taken.
2.6 Phishing Links: You Think You're Clicking a Link, But You're Opening the Gates of Hell
Once you enter the Web3 circle, besides waiting for a windfall, you must guard against phishing links. Scammers post various links in communities, such as "latest airdrop," "free token claim," "project whitepaper." If you accidentally click and slip into approving something, you lose control of your assets—instantly to zero.
2.7 Seed Phrase Security Issues: You Think You're Saving a Backup, But You're Handing Over the Keys
Your seed phrase is the highest authority credential for your wallet. Once leaked, assets can never be recovered. Many people, out of laziness, screenshot their seed phrase and save it in their photo album, cloud storage, or notes—not realizing these apps can read your photo album. This is practically handing the keys to scammers.
Correct Practice: Handwrite two copies of your seed phrase and store them in two different places. For example, one in a home safe and another in a bank safe deposit box. Don't store only one copy, and never store it on any internet-connected device.
2.8 Gas Fee Scam: You Think You're Sniping a Bargain, But You're Sending Money to Scammers
Scammers deliberately leak the seed phrase of a multisig wallet that does have a balance. Newbies think they've found a bargain and rush to send gas fees to try to transfer the funds, only to find they can't. Their gas fee is gone. In short, that wallet is a joint account; only one set of seed phrases is leaked, and you can't move the money. The scammer is just tricking you into paying the fee.
Technical Principle: Multisig wallets require multiple signatures to transfer. The seed phrase leaked by the scammer is only one signature; without others, no transfer is possible. But you don't know that. You think having the seed phrase is enough to move the money, so you add gas fees, find you can't transfer, and the gas fee is taken by the scammer.#GUSD年化升至3.8% #ANSEM持币地址突破12.2万 #美终止对伊朗石油制裁豁免