I have a Ledger nanoX (whothout passphrase), dk how, without my 24 words, i received a phishing NFT, and minutes later all my funds in the ethereum network (link, Pol), not xrp or ada… were transfered without my authorization (i dont connect my Ledger to anywhere and do not click on any NFT) I saw it a few days later.
I read Trezor T with passphrase and SD Card configured could be a safer way to protect against phishing, Is that right?
A safe 5 could be a good option too?
If a there are NFTs that can just drain any wallet there are send to, then they would empty every wallet
It seems you have unintentionally interacted with a malicious contract hidden in a phishing NFT. As a result, all of your assets on that contract’s blockchain have been drained. However, XRP, ADA, and other assets on different blockchains remain safe.
To avoid phishing, it is human behavior that must be trained—for example, not clicking random links or interacting with unknown contracts (or NFTs). In this case, it does not matter whether you use Ledger or Trezor.
If someone interact with a malicious smart contract or NFT, shouln’t the attack only apply to the account that is used for signed the contract?
For example if someone has 3 ETH Accounts
Account #1 with 300$ in ETH
Account #2 with 1500$ in ETH
Account #3 with 10000$ in ETH
If he signs a malicious smart contract with Account #1, he should “only” lose the ETH in this account, to i understand this right?
Because one wallet can create unlimited accounts, there is nothing against having small accounts for daily interaction with smart contract, Dapps and any other Defi stuff and big accounts for life savings.
Maybe even better to use passphrases for complete seperation of the account’s
Yes, you are correct.
Then this risk can be mitigated be splitting up the curency over multiple accounts