
Two Scams Promote Fake Zilliqa Airdrop
The malicious resources have been classified by MetaCert Protocol as phishing sites.
Zilliqa is a blockchain based startup with the goal of hosting decentralized applications. Recently, a scammer impersonating Zilliqa has created a telegram group: h[xx]ps://t.me/zilliqa_airdrop falsely claiming an airdrop of ZIL Tokens will take place.
Anyone who follows Zilliqa on the team’s official Twitter can see that the company is against airdrops and giveaways: “Zilliqa (No airdrops or ETH giveaways).” And while the team is busy running smart contracts on a sharded architecture, they’re most certainly not not setting up scammy Telegram groups offering a percentage of ZIL tokens based on a portion of ETH you hold.
The scam on Telegram is reminiscent of one attempted by a would be scammer who tried to impersonate Binance support. If you don’t want to be randomly added to a Telegram group room where a phishing scheme is active, there are some easy steps you can follow to disallow unsolicited invitations.
Messages in the Zilliqa scammer’s room advertise a long past speaking event in New York on “May 15" and make reference a presence at #Consensus2018. Messages that follow are a set up for the airdrop scam, and direct users to h[xx]ps://zilliqa.site (now defunct). It’s claimed that everyone holding a minimum threshold over .1 ETH will receive a share of 4% of ZIL tokens, set aside for this purpose. In addition, one message sent to the group says “MAY AIRDROP” a possible reference to a scam perpetrated back in May, 2018, when scammers set up a similar phishing website, which has since been taken down, claiming that users had to turn over their private keys to participate in an airdrop.



Another phishing site in the same vein comes in the form of the still active site, h[xx]ps://zilliqa.plus. This site claims you can get at 2000 ZIL per ETH you’re hodling on to but first you must turn over your ETH wallet address, ETH balance, and ZIL balance. Clicking through to the next page will prompt you to provide your private key to get your reward. If you’re not sure how to get at your private key, the phishing site organizer was kind enough to include a guide teaching people how to access and share this inofmration. Should anyone follow this guide, the scammers will simply steal their coins, so I didn’t include images of it.


Cryptocurrency users should remember that it is never safe to turn over your private key. In the event that a project airdrops tokens to an address, it can be done without making users log in and provide information like a private key. If you do end up turning your private key over to a scammer, they can take all the tokens out of your wallet. Generally speaking, people don’t give their banking information to strangers, and the same level of care should also be applied to private keys. Keep them private.
Consider using a cold storage wallet to house your cryptocurrency. We recommend Coolwallet S, made by CoolbitX. Coolwallet is the first hardware wallet to integrate MetaCert Protocol in a mobile application, providing visual indicators that identify phishing attempts when inputting cryptocurrency recipient addresses. Send your cryptocurrency with peace of mind, and stop scammers in their tracks.
Make sure you download Cryptonite, the add-on for Chrome, Firefox, and Opera browsers. Cryptonite blocks phishing sites and gives you a visual cue with a black shield that turns green when you browse any cryptocurrency related web resource, from a site to a social media post. If the shield stays black, double check the resource.
Cryptonite is also the only way that you can participate in the MetaCert Protocol Beta Program, where you’ll get a special opportunity to earn a bonus on tokens.
I want to put out a special thanks to Adam Payne III, a member of the MetaCert community who took it upon himself to report this both of these phishing attacks to me. If you believe you have found a malicious resource you can report it for classification in our #report-url channel on the official MetaCert Protocol Slack group.
MetaCert Protocol is the best in the world at one thing — URL Classification.
MetaCert Protocol is decentralizing cybersecurity for the Internet, by defining ownership and URL classification information about domain names, applications, bots, crypto wallet addresses, social media accounts and APIs. The Protocol’s registry can be used by ISPs, routers, Wi-Fi hotspots, crypto wallets and exchanges, mobile devices, browsers and apps, to help address cyber threats such as phishing, malware, brand protection, child safety and news credibility. Think of MetaCert Protocol as the modern version of the outdated browser padlock and whois database combined.
Find out more about the MetaCert Protocol, ask questions, and leave suggestions on both our White Paper and Technical Paper. You can also join our Telegram community to stay up to date on our blockchain project. Remember to install Cryptonite to protect yourself from phishing scams before it’s too late.

