The amount of scams in the *cryptosphere* is mind-boggling! While it’s very hard to avoid them all, there are plenty of steps you can take to limit your exposure. Hopefully, with a little thought to security, we can curb some of this.
Starting with the most basic rule of all: If it seems too good to be true, it probably is. This applies to pretty much everything in life.
Wallets are an integral part of the crypto space. There are a couple basic types: software (hot) wallets and hardware (cold) wallets . I’ll not delve into the differences but a hardware wallet is by far the safer choice. I’m going to focus on wallet basics.
NEVER give out your seed phrase. Anyone with your seed phrase has full access to your wallet. No one other than the owner of the wallet needs to know the phrase. Write this down and store in a secure location. Even if your device is lost or destroyed, you can use the seed phrase to recover your wallet.
Public and private keys; What are they? Your wallet has both a public and private key. The public key is how you receive transactions. It’s publicly viewable on blockchain explorers. The private key is needed to access or use the funds. Your private key, in basic terms, is an algorithm of your seed phrase. Never give out your private key!
Airdropped tokens; Scam? In short, usually. There are situations where airdrops are legit but you usually know where they’re from. You can check the actual contents of your wallet using the blockchain explorer. If you see tokens there that you don’t recognize, just leave them or burn them if the clutter annoys you(lol). Most of these will have a site address for a name. Don’t visit the site.
2. Transactions and signing contracts.
This is a common area to fall prey to scams. It’s also a bit trickier to avoid them. When you sign or approve a contract with your wallet, it’s often hard to know exactly what you are approving. There are a few ways to lessen your risk.
If you are comfortable reading smart contracts, check the contract on whichever blockchain explorer for the chain you’re currently on. Examples: bscscan.com(BSC), snowtrace.io(Avalanche), etherscan.io(Ethereum), and polygonscan.com(Polygon). You can also do most, if not all, of the functions a project’s decentralized application (dapp) allows directly through the contract.
Even if you’re not comfortable with smart contracts, there are ways to lessen your risk. Always make sure to check the address of the site you’re visiting. Only use trusted links from verified sources. A private or direct message is usually not a verified source.
Research the project before diving in! There are some things you can look for in a project to help offset some risk. Is the website professional? Does the project have a large and active social media presence? Does the project have a clear description of it’s core fundamentals? Are the team members identified(doxxed) or have they completed a Know Your Customer(KYC)? Has the project/contract been audited? Many projects may not pass all these questions but the more, the better. Be aware, even if a project nails the entire list, it’s no guarantee that it’s not a scam; much less that it will be a success.
We’re mostly talking about decentralized finance (defi) here but you might be surprised to learn that every day, there are hundreds or thousands of new contracts/tokens created. Sadly, the majority of these are scams. Hopefully some of these tips will help you avoid them.
Again, only use contracts from trusted/verified sources. Check the contract on the explorer; Is it verified? For simple/quick checks, use scanners like TokenSniffer, Staysafu, and others(not an advertisement). Some of the charting sites have direct links to the scanners. Check for a description of the project, website, and socials on the charting site. Again, none of these will guarantee against a scam.
Having a social presence is a requirement for any crypto project. Protecting yourself here is important as well. Three of the main socials used by projects are Twitter, Telegram(TG), and Discord. I’ll share a few tips to help avoid some of the dangers.
Generally speaking, Admins, Mods, or Devs will not direct message(DM) you first. I usually have my TG and Discord preferences set to not accept random DM’s. Avoid links and contract addresses posted in the general chat areas. Try to stick to those pinned or posted by a team member. Wallet verification scams, fake contract addresses, scam websites, and other scams are all too common.
In Closing, the defi space is a place where you can gain those massive rewards but know that the risks are massive as well. Never invest more than you can stand to lose. Strive to educate yourself on the risks and avoid scams whenever possible! I hope that together, we can hit the thieves/scammers where it hurts; right in their wallet.
Twitter — @Toad_Monkey
I’m a Twitter newbie. Follow if you like. I retweet the occasional Whitelist or contest tweets. I don’t tag you for these unless you let me know you like that sorta thing!