If you check the scam transaction here (Trezors blockexplorer doesn't show you this, but BSCScan does):
https://bscscan.com/tx/0xfb043ff2e96de3108a0d57cda22c8afe01530b95259b97e3398336a874a1d886
You can see its name the method contract that was called "FakePhishing...." If you click it, you'll see that it's marked as a contract that has been previously used for phishing attacks.
If you also check your address using BSCScan. You can see that the transaction is marked as a Zero-value transaction. I recommend reading these articles:
https://www.immunebytes.com/blog/zero-value-token-transfer-phishing-attack/
https://cointelegraph.com/news/scammers-are-targeting-crypto-users-with-new-zero-value-transferfrom-trick
https://bscscan.com/tx/0xfb043ff2e96de3108a0d57cda22c8afe01530b95259b97e3398336a874a1d886
You can see its name the method contract that was called "FakePhishing...." If you click it, you'll see that it's marked as a contract that has been previously used for phishing attacks.
If you also check your address using BSCScan. You can see that the transaction is marked as a Zero-value transaction. I recommend reading these articles:
https://www.immunebytes.com/blog/zero-value-token-transfer-phishing-attack/
https://cointelegraph.com/news/scammers-are-targeting-crypto-users-with-new-zero-value-transferfrom-trick
Wow, this is the first time I have come across such a phishing attack. Thanks for the usefull info.
I would have merited your post but since you already have plenty of it, I'll save my merits for others.
It's quite shocking to see that zero value transactions doesn't require any approval from us.
Another shocking thing is that people lost over $19 million due to this. May be the devs should reconsider this and ask for an approval regardless of the value of the transaction.