In the world of Web3, even cautious users like Mr. Li may fall into carefully designed traps. He has always been careful, never clicking on suspicious links, refusing unknown Airdrops, and not easily connecting to unfamiliar DApps. However, when a fren recommended a seemingly legitimate new type of DEX aggregator, Mr. Li decided to give it a try.

This platform looks impeccable: the interface is professional, it supports multiple wallets, the fees are transparent, and it even offers rebates. Mr. Li connected his wallet but did not conduct any transactions or signing operations. Shockingly, the next day, his USDT was quietly transferred away.

This is not a traditional hacking attack, but a new type of 'authorization fraud'. The core of this scam lies in inducing users to unknowingly grant a smart contract unrestricted permission to transfer a certain cryptocurrency. Attackers use carefully designed phishing DApps to guide users to sign an apparently harmless Approve authorization at the moment they connect their wallets.

The danger of this type of scam lies in its concealment. Victims often discover asset losses days or even weeks later. During the wallet connection process, users find it difficult to notice the authorization operations happening in the background, which is the key to the success of such scams.

To address this threat, WalletConnect has launched multiple security measures:
1. Improved connection interface that clearly displays the authorization information involved in each connection.
2. Enhanced Session connection layer that can intercept automatic authorization processes without user confirmation.
3. DApp credibility identification system, clearly marking the credibility status of the protocol.
4. Permission tracking feature after disconnection.

These measures aim to enhance users' awareness and control over the wallet connection process, effectively preventing authorization scams. In the blockchain world, security awareness and vigilance are crucial. Users should remain alert at all times, carefully reviewing each wallet connection and authorization operation to ensure asset safety.