[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"globals:en":3,"news:fake-verification-wallet-drainer:en":18},{"id":4,"logo":5,"favicon":5,"contact_email":6,"social_links":7,"tagline":14,"site_name":15,"footer_copyright":16,"meta_description_default":17},1,null,"support@coinpointr.com",[8,11],{"url":9,"platform":10},"https:\u002F\u002Ft.me\u002FCoinpointex","telegram",{"url":12,"platform":13},"https:\u002F\u002Fwa.me\u002F905330571565","whatsapp","Crypto exchange — offline and online","CoinPoint","© CoinPoint","Safe crypto and cash exchange.",{"id":19,"slug":20,"status":21,"published_at":22,"cover":23,"category":5,"country":24,"body":25,"title":26,"excerpt":27,"seo_title":28,"seo_description":29},6,"fake-verification-wallet-drainer","published","2026-06-15T21:31:48.216+00:00","\u002Fnews\u002Ffake-verification-wallet-drainer-en-2.jpg","tr","\u003Cp>Scammers increasingly pose as crypto wallet \"verification\" and KYC\u002FAML services — Sumsub, Chainalysis and the like. The victim's logic feels reasonable: \"they're asking me to pass a check, so it must be serious and safe.\" In reality it's a trap that drains your wallet with a single signature. Here is a real case and how to avoid losing your money.\u003C\u002Fp>\n\n\u003Ch2>What the scam looks like\u003C\u002Fh2>\n\u003Cp>You receive a link to a site that looks exactly like the real Sumsub — same logo, same \"KYC\u002FAML and crypto compliance\" copy, a big blue \u003Cstrong>\"Check your wallet\"\u003C\u002Fstrong> button. Only the domain is fake — for example \u003Cstrong>sumsubverified.com\u003C\u002Fstrong> instead of the official sumsub.com.\u003C\u002Fp>\n\u003Cp>The site then asks you to open it as a dApp inside your wallet (Trust Wallet, a TON wallet, MetaMask) and \"confirm your wallet for verification.\" A \u003Cstrong>\"Confirm transaction\"\u003C\u002Fstrong> screen appears: source — your address, DApp — sumsubverified.com, and inside it a \u003Ccode>TriggerSmartContract\u003C\u002Fcode> call with cryptic data. Many people tap \"Confirm\" without reading. That tap is the theft.\u003C\u002Fp>\n\n\u003Ch2>How the drainer actually works\u003C\u002Fh2>\n\u003Cp>No \"verification\" happens. The button hands you a \u003Cstrong>smart-contract approval\u003C\u002Fstrong> to sign. By signing, you grant a stranger's contract the right to \u003Cstrong>move your tokens without limit\u003C\u002Fstrong>. Seconds later a drainer bot sweeps your USDT and other tokens to the scammer's address. On-chain transfers can't be reversed.\u003C\u002Fp>\n\u003Cp>The core trick is a swap of meaning: a genuine source-of-funds check \u003Cstrong>requires no action with your wallet\u003C\u002Fstrong>. It's done from a public address — you simply provide the address or a transaction hash. Any \"verification\" that asks you to \u003Cstrong>connect, confirm or sign in your wallet\u003C\u002Fstrong> is theft.\u003C\u002Fp>\n\n\u003Ch2>🚩 Red flags\u003C\u002Fh2>\n\u003Cul>\n  \u003Cli>\u003Cstrong>\"Confirm \u002F connect your wallet to verify it\"\u003C\u002Fstrong> — real verification never works this way.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>A transaction signature, approve or connect-wallet\u003C\u002Fstrong> on a \"verification\" site — that's handing over access to your funds.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Look-alike domain:\u003C\u002Fstrong> sumsub\u003Cstrong>verified\u003C\u002Fstrong>.com, -check, -kyc, -app, etc. The official Sumsub is only sumsub.com, and it does not DM an exchanger's clients.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Urgency and pressure:\u003C\u002Fstrong> \"your funds will be frozen,\" \"verification expires in 10 minutes.\"\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>The link came from a \"manager\" in DMs\u003C\u002Fstrong> or an unknown contact. Always cross-check the account against the official one.\u003C\u002Fli>\n\u003C\u002Ful>\n\n\u003Ch2>How verification at CoinPoint really works\u003C\u002Fh2>\n\u003Cp>We do run an AML source-of-funds check — but \u003Cstrong>safely and without any access to your wallet\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n  \u003Cli>We \u003Cstrong>never\u003C\u002Fstrong> ask you to connect a wallet or to sign\u002Fconfirm a transaction on any website.\u003C\u002Fli>\n  \u003Cli>To check, it's enough to send your \u003Cstrong>wallet address\u003C\u002Fstrong> (a public string) or a \u003Cstrong>transaction hash\u003C\u002Fstrong> — that's all we need to assess risk.\u003C\u002Fli>\n  \u003Cli>We don't send links to third-party \"verification services\" and we don't rush you into signing anything.\u003C\u002Fli>\n  \u003Cli>We talk only through official channels: \u003Ca href=\"https:\u002F\u002Ft.me\u002FCoinpointex\" rel=\"noopener\" target=\"_blank\">@Coinpointex\u003C\u002Fa> and our offices.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>Simple rule: if a \"check\" asks you to \u003Cstrong>do something in your wallet\u003C\u002Fstrong>, close the page. If it asks you to \u003Cstrong>name an address\u003C\u002Fstrong>, that's fine.\u003C\u002Fblockquote>\n\n\u003Ch2>What to do if you already confirmed\u003C\u002Fh2>\n\u003Cp>Act fast — with drainers it's a matter of minutes:\u003C\u002Fp>\n\u003Cul>\n  \u003Cli>\u003Cstrong>Revoke approvals:\u003C\u002Fstrong> via your wallet's permissions section or a tool like revoke.cash — cut off the suspicious contract's access.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Immediately move the remaining\u003C\u002Fstrong> tokens and native coin to a new, clean wallet (generate a new seed).\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Treat the old wallet as compromised\u003C\u002Fstrong> — stop using it and its seed phrase.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Tell us\u003C\u002Fstrong> — we'll help you sort it out and check the new address before exchanging.\u003C\u002Fli>\n\u003C\u002Ful>\n\n\u003Ch2>Exchange crypto where it's safe\u003C\u002Fh2>\n\u003Cp>No \"wallet connections,\" no signatures — come to an office or message a manager, and we'll agree on the rate and terms directly:\u003C\u002Fp>\n\u003Cul>\n  \u003Cli>\u003Cstrong>Antalya, MarkAntalya\u003C\u002Fstrong> — Muratpaşa, Kızılsaray Mah., 77. Sokak No:1.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Antalya, Lara\u003C\u002Fstrong> — Muratpaşa, Barınaklar Bulvarı 27A.\u003C\u002Fli>\n  \u003Cli>\u003Cstrong>Istanbul\u003C\u002Fstrong> — Fatih, Ankara Caddesi No:6.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Live rate & contact: \u003Ca href=\"https:\u002F\u002Ft.me\u002FCoinpointex\" rel=\"noopener\" target=\"_blank\">@Coinpointex\u003C\u002Fa> or \u003Ca href=\"\u002Fen\u002Foffices\">offices on the website\u003C\u002Fa>. Stay safe 🙏\u003C\u002Fp>","Be Careful: Don’t Fall for the “Verify Your Wallet” Scam","Scammers impersonate Sumsub and ask you to \"confirm your wallet for verification.\" One tap and the wallet is empty. A real case, how the drainer works, and how verification at CoinPoint actually works.","The \"Verify Your Wallet\" Scam: Fake Sumsub & Drainers — How Not to Lose Crypto","A fake Sumsub (sumsubverified.com) and a \"Check your wallet\" button steal crypto via a smart-contract approval. Red flags, what to do if you confirmed, and how CoinPoint checks funds safely — using only an address and a transaction hash."]