I had always loved participating in crypto airdrops, where new projects distribute free tokens to attract users. One day, I saw a tweet from a verified Ethereum-based project announcing an airdrop of ETH2 tokens, their supposed new upgrade. The post had thousands of retweets and replies, and the project had over 100,000 followers. It seemed like a great opportunity to get in early.

The tweet included a link to claim the free tokens, which led to a website that looked exactly like Ethereum’s official site. It asked me to connect my MetaMask wallet and sign a transaction to confirm my eligibility. Since I had done this with real airdrops before, I didn’t think twice.

The moment I signed the transaction, my wallet balance went to zero.

Instead of receiving free tokens, the transaction I signed had given the scammer full access to my wallet. Within seconds, all my Ethereum and other tokens were drained to an unknown address. Panicked, I searched for a way to reverse the transaction, but it was too late.

I later learned that the Twitter account had been hacked, and the scammers had used it to post a fake airdrop link. The website had been a phishing page designed to steal wallets, and hundreds of victims had fallen for the exact same trap.