As the information Stellar network is public and LOBSTR Vault is an open-source product, some malicious actors knowing your public key may try spamming your account with a large number of unsigned transactions.
LOBSTR Vault has a built-in spam protection layer that allows you to select whether you want to receive transaction requests that don't contain any valid signatures.
You can select the preferred option by tweaking the “Allow Unsigned Transactions” setting on the 'Settings' tab.
Сhoose ‘No’ to protect your Vault account from spam transactions that don't contain valid signatures from the protected account or other Vault signers. If your multisig configuration has multiple Vault signers, make sure to set the setting to 'No' for each of the signers.
If you are looking to make deposits and withdrawals of anchored assets, choosing the 'No' option will affect your experience in LOBSTR wallet as the 'Challenge' transaction will not appear in your Vault account automatically. You will have to copy the 'Challenge' transaction XDR and sign it using the 'Import XDR' option.
We strongly recommend choosing the ’No’ option to protect your account from malicious actors.
If you choose ‘Yes’, your Vault account may receive transactions that do not contain valid signatures from the protected account or other Vault signers. In this case, make sure to carefully check the details of each transaction before confirming.