Etherscan admitted last year that its labels are often incorrect and that the ‘transferFrom’ function of ERC-20 tokens can be easily spoofed.