diff --git a/contracts/src/attacks/DetectionBot.sol b/contracts/src/attacks/DetectionBot.sol
index 56ec907b5..26ad7381c 100644
--- a/contracts/src/attacks/DetectionBot.sol
+++ b/contracts/src/attacks/DetectionBot.sol
@@ -13,15 +13,27 @@ interface IForta {
 contract DetectionBot is IDetectionBot {
 IForta public fortaContract;
+ address public cryptoVaultContract;
- constructor(address forta) {
+ constructor(address forta, address cryptoVault) {
 fortaContract = IForta(forta);
+ cryptoVaultContract = cryptoVault;
 }
 function handleTransaction(address user, bytes calldata msgData) public override {
 // Only the Forta contract can call this method
 require(msg.sender == address(fortaContract), "Unauthorized");
- fortaContract.raiseAlert(user);
- msgData;
+
+ // Decode the parameters of the delegateTransfer method
+ (, , address origSender) = abi.decode(
+ msgData[4:],
+ (address, uint256, address)
+ );
+
+ // The origSender mustn't be the CryptoVault
+ // because DoubleEntryPoint is an underlying token,
+ // if so raise an alert
+ if (origSender == cryptoVaultContract)
+ fortaContract.raiseAlert(user);
 }
 }
diff --git a/contracts/src/levels/DoubleEntryPointFactory.sol b/contracts/src/levels/DoubleEntryPointFactory.sol
index 8136211ac..45aba0e35 100644
--- a/contracts/src/levels/DoubleEntryPointFactory.sol
+++ b/contracts/src/levels/DoubleEntryPointFactory.sol
@@ -47,6 +47,13 @@ contract DoubleEntryPointFactory is Level {
 }
 function __trySweep(CryptoVault cryptoVault, DoubleEntryPoint instance) external returns (bool, bytes memory) {
+ // emulate a lambda transfer of a user
+ try LegacyToken(instance.delegatedFrom()).transfer(address(cryptoVault), 0) {
+ } catch {
+ // It mustn't revert, if so return true on failure
+ return (true, abi.encode(false));
+ }
+
 try cryptoVault.sweepToken(IERC20(instance.delegatedFrom())) {
 return (true, abi.encode(false));
 } catch {
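Review bot: In `handleTransaction` of DetectionBot.sol, `abi.decode(msgData[4:], ...)` runs on whatever calldata is forwarded, without first checking that the leading four bytes are the delegateTransfer selector or that the payload is long enough to hold three words. Calldata shorter than four bytes or with a different layout makes the slice or the decode revert, and an unrelated call whose third word happens to equal the vault address would raise a false alert. Guard the decode, assuming the signature matches the decoded types: `if (msgData.length < 100 || bytes4(msgData[:4]) != bytes4(keccak256("delegateTransfer(address,uint256,address)"))) return;` (the slice-to-bytes4 conversion needs Solidity 0.8.5 or later). How the Forta contract treats a reverting bot is not visible in this diff, so whether such a revert blocks the guarded call or is silently swallowed should be confirmed.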
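Review bot: The comments on the new probe in `__trySweep` of DoubleEntryPointFactory.sol do not say what is being checked: "lambda transfer" is unclear, and "return true on failure" reads as if the level passes, while `(true, abi.encode(false))` is the same tuple the visible sweepToken success branch returns. I would reword them to `// Sanity check: an ordinary zero-value transfer to the vault must not be blocked by the detection bot` and `// A revert here presumably means the bot alerts on benign calls; report the check as failed`. The probe covers only a single zero-value transfer sent from this contract, so a bot that alerts on other benign transfers would presumably still pass; a second probe with a different sender or a non-zero amount would tighten that. `__trySweep` continues past the end of the hunk.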
diff --git a/contracts/test/levels/DoubleEntryPoint.t.sol b/contracts/test/levels/DoubleEntryPoint.t.sol
index c5e9d99ec..dec51284b 100644
--- a/contracts/test/levels/DoubleEntryPoint.t.sol
+++ b/contracts/test/levels/DoubleEntryPoint.t.sol
@@ -56,7 +56,8 @@ contract TestDoubleEntryPoint is Test, Utils {
 vm.startPrank(player);
 Forta forta = instance.forta();
- DetectionBot bot = new DetectionBot(address(forta));
+ address cryptoVault = instance.cryptoVault();
+ DetectionBot bot = new DetectionBot(address(forta), cryptoVault);
 forta.setDetectionBot(address(bot));