Beware of 3 Scams Using "Ethereum Merge"
Scammers may take advantage of the market buzz around the Ethereum merge to launch new scams targeting novice crypto users, including fake ETH2.0 token swaps, fraudulent ETH staking pools, and fake airdrops.Author: Jasmine, Beehive Tech
With less than 6 hours until the Ethereum merge, this blockchain network, regarded as the underlying infrastructure for the next generation of the internet Web 3.0, will completely change its consensus mechanism from the proof-of-work (PoW) mechanism to proof-of-stake (PoS).
Before the merge arrives, Steve Bassi, founder of the decentralized security network market PolySwarm, warned in a media interview that scammers may exploit the Ethereum merge as a market hotspot to launch new scams targeting novice crypto users. These scams include fake ETH2.0 token swaps, fraudulent ETH staking pools, and fake airdrops.
The official Ethereum website also cautioned on its latest "Security" page that the merge does not create any "ETH2" or any other new tokens, and users should not transfer ETH to any specified address in exchange for fake "ETH2" tokens. "Never share your wallet's mnemonic phrase with strangers."
Don't fall for high-return fraudulent staking pools
Due to the Ethereum merge, the PoW consensus that maintains network operation through mining will be replaced by the PoS consensus, which relies on staking to become validator nodes. According to Ethereum's rules, staking involves depositing 32 ETH to activate validator software on the beacon chain. Validators will be responsible for storing data, processing transactions, and adding new blocks to the blockchain. While ensuring the secure operation of the Ethereum network, validators can earn new ETH.
Steve Bassi believes that for many ETH holders, if they do not have the 32 ETH required to become independent validators, joining a staking pool will be their only way to earn staking rewards. However, joint staking providers "carry risks" because they typically require users to deposit ETH and relinquish control over that asset.
Bassi stated that new staking providers "may offer very attractive terms," but they could "suddenly rug pull," affecting participants in the pool. "This risk currently exists in various asset pools or tokens on DeFi platforms, and scammers are likely to exploit the Ethereum merge to find a new role."
As of now, in addition to staking directly to the beacon chain, many third-party service models providing staking for Ethereum have emerged, including staking-as-a-service, pooled staking, and staking services offered by centralized exchanges. The official Ethereum website also lists the risks, rewards, and requirements when using decentralized staking services.
(Comparison of ETH staking services)
Ethereum emphasizes that these paths cater to a wide range of users, differing in risk, reward, and trust levels. "Users must do their own research before sending ETH anywhere."
Beware of "ETH2 token" upgrade scams
Bassi also warned of another type of scam—tricking users into signing fraudulent transactions or using the pretext of "migrating to a new Ethereum chain" to extract users' private keys.
One upgrade scam repeatedly warned by the Ethereum official is the use of the concept of "ETH2"—before the merge arrives, scammers are likely to mislead users into exchanging their ETH for "ETH2 tokens." In reality, the merge does not create any "ETH2" or any other new tokens; "the ETH you currently hold will still be the same ETH after the merge, and no exchange is necessary."
It is important to know that as early as January this year, the Ethereum official abandoned terms like "ETH1" and "ETH2," replacing them with execution layer and consensus layer.
Previously, ETH1 was often referred to as the existing proof-of-work chain, which will be deprecated after the merge due to the difficulty bomb. Users and applications will migrate to the new proof-of-stake chain, which was previously referred to as ETH2.
To avoid confusion and prevent scams, the terms ETH1 and ETH2 have been discarded, and the Ethereum official has requested core developers to stop using these two terms, replacing "ETH1" with "execution layer" and "ETH2" with "consensus layer."
Therefore, any project that requires users to exchange new tokens under the guise of "ETH2" can be considered a scam. The Ethereum official website warns on its security page that scammers may appear as "technical support," telling users they need to deposit their ETH to a specified address to receive "ETH2." In reality, this is not official Ethereum technical support, and there are no new tokens. "Never share your wallet's mnemonic phrase with strangers."
It is also important to note that some derivative tokens or certificates may represent staked ETH, such as Rocket Pool's rETH, Lido's stETH, and Coinbase's ETH2, but these do not require users to migrate ETH to a non-existent "new chain," and users do not need to handle the underlying consensus conversion of ETH themselves.
Don't fall into phishing website traps for airdrop greed
In addition to the above two scams, Bassi added that another potential scam medium may appear in the form of "fake airdrops"—convincing users to sign transaction authorizations or access phishing websites to receive false airdrops. "The ETH merge will serve as a good excuse for these scammers to disguise themselves as well-known projects with economic value, promising airdrops."
Bassi explained that these airdrops may direct users to a phishing site where they could be tricked into giving away their ETH and private keys or fall into carefully designed transaction signature traps.
Around the hot topic of the Ethereum merge, scammers have already been impersonating Ethereum co-founder Vitalik Buterin using verified Twitter accounts to promote fake ETH airdrops, luring users to visit the scammers' crypto wallets, which are likely involved in phishing fraud and require investors to be cautious in identification.
(Fake Twitter account impersonating Vitalik Buterin)
In addition to scams, hacker attacks targeting the Ethereum merge should not be underestimated. Given previous testnet experiences, most observers expect the merge to succeed. However, Bassi stated that scammers or hackers may still find a way to exploit the system, "We really don't know if scammers or hackers have already developed attacks against the chain or DDoS techniques, and when ETH 2.0 has the full economic value of ETH 1.0, they could use attack techniques after the merge."
If such an attack occurs, Bassi believes it may only temporarily affect the network or the market, "because there are many smart eyes watching the behavior after the merge. However, attackers may seek opportunities to monetize any discoveries."
