New phishing method: permit malicious transactions causing users to lose $230,000. Your wallet may also be at risk.

According to the latest news, a user was phishing by signing malicious permit and increaseAllowance transactions, resulting in the theft of $230,000 worth of aArbWETH and aEthLBTC. This is not an isolated case. Since 2026, similar on-chain scam cases have been frequently occurring, ranging from fake MEME coin projects to malicious contract transactions, with scam techniques continuously evolving. This incident reminds us that every decision before signing a transaction could determine the safety of assets.

How Phishing Techniques Work

GoPlus’s monitoring data shows that this scam involved two key malicious operations:

The dangers of Permit and IncreaseAllowance

These two functions seem harmless but can be extremely powerful when exploited. Permit allows users to authorize and transfer assets in a single transaction, while increaseAllowance increases the spending limit for a specific address. Phishers forge transactions or induce users to sign seemingly normal contract interactions, effectively granting themselves permission to transfer the user’s assets freely.

Key risk points:

• Users may not see the actual transaction content when signing
• Contract interfaces may be forged or hide critical information
• Once signed, the phishing attacker gains the authority to transfer assets
• Cross-chain assets like aArbWETH (wrapped ETH on Arbitrum) and aEthLBTC, due to lower liquidity, are more vulnerable targets

Why are these scams more likely to succeed

Users are often deceived in the following situations:

• Attracted by projects promising high returns and eager to participate
• Phishing links disguised as official channels or well-known projects
• Clicking confirm without carefully reviewing the signing content
• Lack of understanding of contract permissions

Recent Scam Patterns

The incident involving the RUG group manipulating dozens of MEME coins, exposed a few days ago, shows that scams in early 2026 have formed a systematic harvesting network. From fake “wealth creation myths” to malicious contract authorizations, scammers are using multiple methods simultaneously to harvest assets. This means that single-layer defenses are no longer sufficient.

How to Protect Yourself

Checklist Before Signing Transactions

• Only obtain transaction links from official channels; do not trust any direct links on social media
• Before signing, use on-chain security tools (such as GoPlus’s risk detection features) to verify contract addresses
• Understand exactly what the transaction you are signing does; if you don’t understand, do not sign
• Be cautious of unfamiliar projects; high returns often come with high risks
• Regularly review authorized contracts and revoke unnecessary permissions

Asset Allocation Recommendations

• Do not keep large assets on frequently used interaction addresses; diversify risk across multiple wallets
• Cross-chain assets like aArbWETH, due to lower liquidity, carry higher risks and should be handled more cautiously
• For funds involved in new projects, set a loss limit that you can afford

Summary

Losing $230,000 is a huge blow for one user, but from the overall market perspective, it is just the tip of the iceberg. The frequency and sophistication of scams at the beginning of 2026 are increasing. The key is to realize that in the on-chain world, every signing is a permission transfer that should be handled with the same caution as managing private keys. Do not lower your guard just because operations seem simple. The best protection is to ask yourself one more question before signing: Does this transaction really need my signature?