What is Phishing Attack?
The most common tactic for phishing attack is inducing users to enter a fake website, which is almost identical to the legitimate one, so as to obtain users' sensitive information for profit-making.
Case 1：Users click a fake TOKOK website link: www.tototok.com (official website link: www.tokok.com), and input account password to login. Then user's account information is stolen by criminals.
Case 2：A phishing email may claim to be from TOKOK and users click the link to the website without consideration. As a result, users' account password and ETH wallet private key are stolen by the phishing website.
Case 3：A text message may claim to be from TOKOK, and users send the verification code to the hacker according to the content of the message. The hacker logins users account via the information purchased from others, and uses the verification code received from user to steal users' account.
How to Avoid Pushing Attacks
- Login the only offficial website: www.tokok.com .
- Check carefully whether the link is correct for phishing website is identical to the legitimate site.
- Do not click the link received from strangers.
- Install security software and be careful with wallet private key and personal information.
- Do not attend activities which are not organized by offical and offer your wallet private key to others for small profits.