Adressvergiftung

(I think) Because on Ethereum, tokens are controlled by smart contracts (not by layer 1). This token’s smart contract will not allow you to send a non-zero amount of tokens from another address (for obvious reasons), but it will allow you to send zero amount of the token from another address.

Essentially on the front end it looks like u sent a fractionalized token – like .0000000001 MATIC (or an NFT) out of ur wallet – when in reality – malicious actors mint and send NFT’s out of targeted addresses (all in 1 function) – such that it appears your address sent a small amount of tokens or an NFT out of it – when in reality the tokens/NFT never even *existed* in the wallet – it was just broadcasted as an event on the blockchain and so ur wallet takes this information and displays it in the UI.

These airdrop scams are common and they are known as address poisoning ($0 value transactions) scams where malicious actors send low value transactions to tons of wallets hoping users will accidentally copy and paste a previous address in their history (thinking it’s one of their own when in reality its the scammers) and send funds to the scammer address mistakenly.

U can avoid this by always using the “receive” ledger live tab and generate ur address before ur own eyes. Make sure the address matches wat is displayed on the device – always trust the ledger devices screen. If the address doesn’t match between the ledger and ur computer – then u know something is wrong.

If u ever get scam airdrop NFT’s in the future u can just hide them in ledger live and they can be ignored. They can’t harm ur other accounts. As long as u ignore them they won’t harm any funds in the account they reside in either.

If u ever get tokens sent to you or show as sent from ur address. Check and make sure they weren’t actually sent from your account (click the block explorer on the tx history and see if it’s legit or not).

Then ur good to go : )

If you look through previous posts someone explains how it is done. So it is possible for them to make it look like it was sent out from your wallet to another address.

Oh Ethereum, that exploitable garbage chain.

good to also get information directly from Ledger Support on this too: https://support.ledger.com/hc/en-us/articles/8473509294365-Beware-of-address-poisoning-scams?docs=true

Be very careful there’s a virus what seems to be on the polygon network taking small transactions out of accounts atm inc ledger and trustwallet.It comes up as 0 but if you look closer it’s taking small tokens continuously the receiving wallet has so far accumulated $800,000 as of today

DEPOSIT and WITHDRAWAL pathways on the Blockchain are completely independent (DEPOSIT pathway using a public key that anyone can use place crypto into the wallet, and the WITHDRAWAL pathways using the private key for outbound transactions from your wallet).

The only way I know of a withdrawal being able to be accomplished is by use of the private key. I assume you have kept your 24 word seed phrase secure. Any chance you may have accepted a contract?