The $50M 'Zero-Transfer' Scam: How 12,000 Users Lost USDT
A breakdown of modern phishing flows that weaponize token approvals and deceptive UI prompts. Learn what to review before signing.
Attackers now blend social engineering with approval-based draining to bypass common wallet checks.
The scam often starts with a harmless-looking transfer, then escalates to a signature that grants spending rights.
- Verify spender identity before signing
- Limit approval amounts instead of unlimited
- Revoke outdated permissions regularly
How the zero-transfer pattern works
Victims see a fake transfer confirmation and assume the transaction is safe.
The follow-up signature quietly grants approval to a malicious spender.
Practical defenses
Always review the spender address and token allowance fields.
Use allowance dashboards to monitor and revoke risky approvals.
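As an added illustration (not code from the original article), the sketch below decodes the calldata of an ERC-20 `approve(address,uint256)` call so the spender and allowance fields can be checked before signing. It assumes an ERC-20 style token; the function names, the trusted-spender list and the sample calldata are constructed for this example.

```python
APPROVE_SELECTOR = "095ea7b3"   # first 4 bytes of keccak256("approve(address,uint256)")
MAX_UINT256 = 2**256 - 1        # the usual "unlimited" allowance value
HEX_DIGITS = set("0123456789abcdef")


def decode_approval(calldata_hex):
    """Return (spender, amount) for approve() calldata, or None otherwise."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    # selector (8 hex chars) + two 32-byte ABI words (64 hex chars each)
    if len(data) != 136 or not set(data) <= HEX_DIGITS:
        return None
    if not data.startswith(APPROVE_SELECTOR):
        return None
    spender_word, amount_word = data[8:72], data[72:136]
    if spender_word[:24] != "0" * 24:   # address must be left-padded with zeros
        return None
    return "0x" + spender_word[24:], int(amount_word, 16)


def review_approval(calldata_hex, trusted_spenders, intended_amount):
    """Return a list of warnings, or None if the calldata is not approve().

    intended_amount is in token base units (an assumption of this example).
    """
    decoded = decode_approval(calldata_hex)
    if decoded is None:
        return None
    spender, amount = decoded
    warnings = []
    if spender not in {s.lower() for s in trusted_spenders}:
        warnings.append("unknown spender " + spender)
    if amount == MAX_UINT256:
        warnings.append("unlimited allowance")
    elif amount > intended_amount:
        warnings.append("allowance exceeds intended amount")
    return warnings


# Constructed sample data (not real addresses or transactions).
KNOWN_SPENDER = "0x" + "11" * 20
UNKNOWN_SPENDER = "0x" + "ab" * 20
UNLIMITED = "0x" + APPROVE_SELECTOR + "00" * 12 + "ab" * 20 + "ff" * 32
BOUNDED = "0x" + APPROVE_SELECTOR + "00" * 12 + "11" * 20 + format(50_000_000, "064x")

if __name__ == "__main__":
    for name, tx in (("unlimited", UNLIMITED), ("bounded", BOUNDED)):
        print(name, review_approval(tx, [KNOWN_SPENDER], 50_000_000))
```

A `None` result only means the calldata is not a plain `approve()` call; other ways of granting spending rights need their own decoding.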
Trusted Security Partner of Industry Leaders
Strategic partnerships and compliance-first operations to protect users at scale.
UK-Registered Security Infrastructure
VIGIL Security Labs Ltd. is headquartered in London and operates under the strict compliance framework of the UK Financial Conduct Authority (FCA) (Ref: 928341). We are fully compliant with the EU MiCA (Markets in Crypto-Assets) regulation, ensuring institutional-grade privacy and security for retail users.
- ISO 27001 Certified: Bank-grade information security standards.
- Exchange Integration: Official security data provider for Binance & OKX risk control systems.
- Non-Custodial: We never hold your keys. Our audit logic is open-source and verified by CertiK.