Malicious Smart Contracts

Smart contract diverts coins and tokens sent to a connected wallet of the scammers.

Sub techniques (4)

ID	Name
R06	Popular messenger group identification
R07	Scam victim identification
RD04	Create a malicious smart contract e g to divert coins tokens
IA05	Scam posting of account secrets

Mitigations

ID	Mitigation	Description
M02	Check smart contract	Investors with an affinity for technology should check the lines of code of the smart contract on their own before investing.
M15	Read the transaction message before signing	Before signing a transaction users should read the transaction message, which shows the kind of transaction they sign (e.g. send transaction, smart contract interaction).
M22	Check transaction address (public key)	Using a service users/investors should check the transaction address everytime since attackers could inject a script (or attack the smart contract) and divert coins/tokens to their addresses.