Recently, the cryptocurrency industry has been frequently targeted by phishing attacks using counterfeit accounts. Hackers steal verification account permissions and lure victims into installing malicious programs under the guise of collaboration invitations, covertly stealing device control and executing a series of scams. This article, based on a practical review by the Bitget security team, reveals three major characteristics of this new type of attack.