# What attacks can Harpie prevent?

Below is a list of many (but not all) of the types of attacks that Harpie can prevent.

### Frontend Attacks

<figure><img src="/files/qBNaV6DBXeZgs19X6909" alt=""><figcaption><p>$570k was stolen in just a few hours because of the Curve.fi attack</p></figcaption></figure>

This attack is almost unavoidable. By hijacking a trusted website, attackers can trick users of the site into signing their money away.&#x20;

### Phishing/Impersonation

<figure><img src="/files/Kc2dM9dHunO9ij2X5Z6G" alt=""><figcaption><p>This OpenSea phishing link was a single email campaign that caused $1.7 million in damages.</p></figcaption></figure>

These types of attacks impersonate a trustworthy party. Attackers use this misplaced trust to trick victims into signing malicious smart contracts designed to steal their money.

### Fake Site Scam

<figure><img src="/files/jVVGeO1SgOnZsporGrq0" alt=""><figcaption></figcaption></figure>

These attacks use a clean, well-designed website to trick victims into trusting the site. Afterwards, victims are asked to sign malicious smart contracts or send over their private keys to the attacker as part of a "user onboarding" process.

### Private Key Theft

Private key theft is being phased out in favor of smart-contract-based attacks, like the attacks described above. That being said, ownership of a wallet's private key allows an attacker to freely transact with the assets inside.

Because private key theft gives an attacker complete control over your wallet and its assets, see [Disclosures & Risks](/welcome-to-the-harpie-docs/tech-and-security/disclosures-and-risks.md) for edge cases where Harpie would not be able to protect your wallet from private key thieves.

### Accidental Transfer

Misspelling one of the 40 characters in an Ethereum address during a transfer can cause a victim to lose access to those assets permanently. Harpie stops accidental transfers from occurring, since your trusted network will not include that misspelled address.

### What types of attacks can Harpie not prevent?

No security product is comprehensive, so for the sake of transparency, we've included info on our limitations in [Disclosures & Risks](/welcome-to-the-harpie-docs/tech-and-security/disclosures-and-risks.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://harpie.gitbook.io/welcome-to-the-harpie-docs/about/what-attacks-can-harpie-prevent.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.