Cover Image for Social Engineering: How Users Get Exploited
Cover Image for Social Engineering: How Users Get Exploited
Avatar for GetBlock
Presented by
GetBlock
Blockchain Node APIs for Web3. Build & scale your dApp with ease 🌐 Providing thousands of developers with RPC endpoints to 130+ blockchains
12 Going
Crypto
Featured in
#HKWeb3 Events Calendar

Social Engineering: How Users Get Exploited

GetBlock
Google Meet
Registration
Welcome! To join the event, please register below.
You will be asked to verify token ownership with your wallet.
About Event

β€‹πŸ” Social Engineering in Web3: How Attackers Exploit You, Not Your Code

​Most Web3 attacks don't break smart contracts. They break people.

​This session is a hands-on deep dive into the human side of crypto security, the manipulation tactics that bypass technical defenses entirely. Whether you're a developer, trader, NFT collector, or just getting started in Web3, this talk is built for you.

​What we'll cover:

​We'll open with a simple but uncomfortable truth: the majority of on-chain losses don't come from code exploits. They come from users approving malicious actions, wallets drained after signing a "harmless" message, assets lost to a fake mint, funds gone after a support DM.

​Then we break down the mechanics. Using a structured framework of attack mechanisms - from urgency and authority to information asymmetry and delayed consequences β€” we'll map exactly how these attacks work on a psychological level.

​The core of the session is four interactive showcases, each based on real incidents:

  • β€‹πŸŽ¨ Fake NFT mint: urgency, familiarity, and the BAYC Discord compromise

  • β€‹βœοΈ Signature request scams: habit loops, control illusion, and Angel/Monkey Drainer

  • ​⏳ Approval with delayed drain: default bias and the 2022 OpenSea phishing wave

  • β€‹πŸ’¬ Fake support messages: authority, identity spoofing, and Ledger phishing campaigns

​For each scenario, you'll have a chance to identify the mechanisms at play before we reveal them - then we'll discuss real mitigation strategies you can apply immediately.

​You'll leave with:

β€‹βœ… A mental model for recognizing manipulation before you sign
βœ… An understanding of how attacks chain multiple mechanisms together
βœ… Practical tools and habits to protect yourself on-chain

​Who this is for: Anyone active in Web3 - no prior security background needed. The goal is pattern recognition, not technical expertise.

​Speaker & Host

  • ​​Speaker: Masha Vaverova - Smart Contract Security Researcher, FullStack Blockchain Developer

  • ​​Host: GetBlock - Web3 node infrastructure for building dApps across 130+ blockchains.

Avatar for GetBlock
Presented by
GetBlock
Blockchain Node APIs for Web3. Build & scale your dApp with ease 🌐 Providing thousands of developers with RPC endpoints to 130+ blockchains
12 Going
Crypto