BLACK FRIDAY: Save on Ledger Flex, select Ledger Nano wallets and accessories.

Shop now

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Honeypot Crypto Scam Meaning

Mar 16, 2024 | Updated Mar 16, 2024
A honeypot crypto scam employs a malicious smart contract to entice unsuspecting victims with the prospect of substantial returns or rewards. The scheme’s ultimate intent is to swindle the victim’s funds.

What Is a Honeypot Crypto Scam?

In a honeypot crypto scam, an attacker uses a cryptocurrency wallet, token, or smart contract to bait unsuspecting users into investing, transferring, or trading crypto tokens. 

Honeypot scams often bait investors with a sumptuous “pot of cryptocurrency” or the promise of substantial returns. The scammers may pose as novice users seeking help or as honest businesses rewarding users. Individuals falling for such gimmicks make investments or transfer cryptocurrency to the scammer’s wallet. Only later do they realize that it was all a ruse and they’ve been defrauded.

 How Does It Work?

A honeypot scam happens in three steps. First, the bad actor deploys a smart contract that seems to have a design flaw that allows any user to extract the contract’s tokens. This is the “honeypot,” preying on users’ instinctual greed. What’s the catch? The user must first send a certain amount of cryptocurrency to the contract. 

Secondly, the unwitting users transfer the required cryptocurrency deposit and attempt to exploit the vulnerability to cash out. However, a second vulnerability prevents the victims from withdrawing their initial deposit and the contract’s stash. And finally, the attacker cashes out all the funds from the contract, including the victims’ deposit.

For example, Dechat mistakenly posted a honeypot smart contract link on Feb 26, 2024, on their social media platforms, which exposed users to financial loss. The protocol, however, immediately rectified the error.

Alternatively, the attacker first contacts other crypto users via social media platforms. They pose as novice users with substantial crypto funds requiring help cashing out or transferring. The bad actor promises the victim a portion of the said tokens and even provides their private keys to earn the victim’s trust and appear naive. 

While the victim finds a substantial amount of tokens that have significant value, they cannot be utilized to cover transaction costs. Hence, the victim is compelled to deposit the native token of the blockchain the wallet operates on to withdraw the tokens. Unfortunately, the funds are instantly redirected to another wallet using automated scripts once they reach the wallet.

Permissioned Blockchain

A permissioned blockchain is a distributed ledger with limited accessibility. Only certain authorized individuals can access it.

Full definition

Altcoin

Altcoins refers to any other cryptocurrency apart from Bitcoin. They are called altcoins because they are considered alternative currencies to Bitcoin.

Full definition

Wen Moon

Full definition