Scam Prevention
Last updated
Last updated
Wallets are the main way users interact with the blockchain, yet most wallets don't have built-in security features to protect users from known scams.
Some of the most popular wallets lack even the most basic protections, providing no indication to users when they are about to interact with a known malicious destination.
Oz Security APIs allow wallet developers to easily incorporate high-quality, community-sourced threat signals directly into their products without hiring an internal cybersecurity team.
Wallet Drainers
Wallet drainers are contracts that steal all tokens from your connected wallets in a single transaction. They've stolen 100s of millions of dollars from self-custodial crypto users since their creation, and there is no end in sight.
Wallet developers can protect their users from drainers by integrating the Oz threat intelligence API directly into their wallets. Developers can choose how to warn users about malicious destinations like wallet drainers, including completely blocking all interactions with their contracts.
Our goal is to make every wallet into a security-focused wallet by allowing every wallet team to easily access the security signals they need to protect their user base.
Credential Theft
The most common way wallets are hijacked in crypto is via credential theft, typically by convincing users to share their seed phrase. Once the phrase is shared with the attacker, the funds are quickly transfered out of the user's wallet.
Wallets can integrate the Oz threat intelligence feed for URL reputation to prevent users from interacting with malicious web pages. When users visit these pages, the wallet developer can display a warning to the user to prevent them from interacting with content on the page, and instruct them to think twice about sharing their wallet details with the page.
Drive-by attacks
Drive-by attacks are a form of cyberattack where a malicious web page attempts to automatically install harmful code on a user's device.
By warning users of the malicious domain in the wallet, users can navigate away from these web pages and avoid installing malicious code on their device.