MEV Sandwich Attack Scams

Maximal Extractable Value (MEV) refers to profit that can be captured by reordering, inserting, or censoring transactions within a block on a blockchain. A sandwich attack is one of the most direct and harmful forms of MEV extraction, in which an automated bot identifies a pending large swap transaction in the mempool (the pool of unconfirmed transactions) and places two transactions around it — one immediately before and one immediately after — to profit at the original trader's expense.

The attack sequence works as follows. A user submits a transaction to swap Token A for Token B on a decentralised exchange. A bot monitoring the mempool detects this pending transaction and estimates its price impact. The bot then submits a buy order for Token B ahead of the victim's trade (front-running), which moves the price upward. The victim's trade executes at this now worse price. The bot then immediately sells Token B after the victim's trade executes (back-running), profiting from the price difference the victim's own transaction created.

The result is that the user receives fewer tokens than they expected. The gap between the price they expected and the price they received is called 'slippage'. MEV bots deliberately generate this slippage and capture the difference.

While sandwich attacks are often treated as a structural inefficiency rather than fraud in the traditional sense, they represent a deliberate mechanism for extracting value from ordinary traders. Some MEV bots are operated by sophisticated actors who also engage in deceptive practices — including fake decentralised exchange interfaces designed to funnel users' trades through manipulated routing specifically to enable sandwich extraction.

Automated bots continuously monitor the public mempool — the waiting area for unconfirmed blockchain transactions — looking for large pending swap orders. When a viable target is found, the bot calculates the expected price impact and determines whether the profit from sandwiching exceeds the gas cost of submitting two competing transactions.

The bot bribes block validators (in Proof of Stake chains) or miners (in Proof of Work chains) to include its front-run and back-run transactions in the positions immediately surrounding the victim's transaction. This is done through priority fee auctions, with the bot paying elevated gas fees to guarantee ordering.

The victim's transaction executes at the worse price created by the bot's front-run buy. The bot's back-run sell then takes the price back down, and the bot pockets the spread. Transactions where users set high slippage tolerance — accepting up to, say, 10% worse prices — are disproportionately targeted, since a higher tolerance allows the bot to extract more value per attack.

Separate from automated MEV, some scammers operate fake DEX front-ends or 'optimised routing' services that claim to improve trade outcomes but actually route orders to sandwich-vulnerable liquidity pools or apply excessive fees on every trade.

MEV sandwich attacks succeed because the mempool is public by design — transaction transparency is a feature of blockchains, not a bug. Ordinary users have no visibility into whether their transaction is being sandwiched until after it executes. The complexity of DeFi routing means most users do not scrutinise the contracts their trades pass through.

Fake MEV protection services exploit user awareness of the problem to introduce a second vector: by offering to 'protect' traders, they capture wallet approvals or route trades through contracts that either drain assets directly or impose extraction fees.

Use our MEV-protected router to avoid sandwich attacks on your trades. Connect wallet here: [fake link].

Your swap through [DEX name] is vulnerable to bots. Our private mempool tool blocks front-running — activate it now with a one-time approval at [fake link].

Exclusive: arbitrage signal for [token pair] — act before the block closes. Join our MEV group for trade execution tips: [Telegram link].

Use only official DEX interfaces navigated via bookmarks set up from verified official accounts. Check for MEV protection built into reputable DEX aggregators such as 1inch Fusion or Cowswap, which use off-chain order settlement to eliminate mempool exposure. Set slippage tolerance to the minimum acceptable for your trade — lower slippage makes sandwiching unprofitable. Before connecting a wallet to any MEV tool, verify the contract address against the protocol's official documentation.