How to detect Phishing Attack during your USDT transaction?
3 min readMay 8, 2024


Blockchain is a dark forest somehow because of its transparency. Every trading transaction can be viewed by anybody at anytime. When you are making transactions, you’re likely being watched by phishers and hackers. So keeping cautious is always a must-have form of awareness.

To minimize your losses, please make sure to read this article in which we will learn a tool helping to do the “scam check” before making transactions.

Query your address and check if you are in Phishing situation

  1. open Tokenview TRON blockchain explorer, type your address and press “Search”
  2. check the “TRC20(Latest 20)” from the transaction tab on the address page
  3. observe the gray-blue color lines

Normally you should not see these gray-blue color lines, otherwise you are being attacked. The above picture shows the address has been attacked by 4 times at least.

4. find the red rectangle icon from the transaction list

These addresses which are marked by “red rectangle icon” are those attacking you.

Being carefully, manually check every char of the addresses, for instance, TA9SpmD6Fne54b4jEWpCDaHUECdJitspmo, is it similar to your previous target address? Yes, you do have a target address TA9SJtzNUWiU6JzyS3kEQuRHRkPsitspmo at your previous transaction, TA9SpmD6Fne54b4jEWpCDaHUECdJitspmo has the same previous bit “TA9S” and suffix bit “spmo” with different middle part, it is impersonating your target address.

If you accidentally copy and paste the “Impersonator” into your target address, you will lose your asset.

Query the target address and check if it is the Phisher

Do a search on Tokenview TRON blockchain explorer after your copy & paste.

  1. type your copied address into the search box and press “Search”
  2. observe the “red top line” from “Address Info” part on the address page

Normally you should not see the “Risky” label, otherwise it means you are being attacked.

3. observe the transaction list

All the transactions will be marked as “blue-gray” lines for the risky address.

Query similar Phishing addresses and assess the severity of the risk

  1. For the risky address, you will find a “Scam Check” page from any of the transaction. Click and open it, and type the risky address “TA9SpmD6Fne54b4jEWpCDaHUECdJitspmo” to query.

2. observe the result

2.1) if you could see more than 1 address listed, that is to say it is doing phishing

2.2) if you could see “#Phishing” label in the Risky column, that is to say it is being confirmed a phisher

2.3) the more the count of the address in the list the higher severity of the risky address



Our mission is to build Freedom Safe Easy Web3/Crypto world. visit us at for General Multi-chain Explorer and Blockchain APIs entrance.