5 Common Web3 Scam Tactics, And How To Protect Yourself
Web3 is a blockchain-based decentralized network that offers promising opportunities, especially since ownerships on the blockchains are documented on a shared public ledger that allows for easy transferring of digital assets from one platform to another. Many people believe that Web3 has the potential to enhance data security and privacy beyond Web2’s current platforms.
However, Web3 can also be a dangerous world, especially with cybercrimes running rampant. Just in 2021 alone, scammers have stolen $14 billion worth of crypto, nearly twice the $7.8 billion robbed in 2020. This information was released by blockchain data firm Chainalysis.
Web3 encourages anonymity, which is an unfortunate advantage for scammers and hackers. Once your assets and funds are stolen, they’re almost impossible to retrieve. You may have even heard real stories of people who got tricked into clicking on false links that resulted in them losing everything in their wallet, from ultra-rare NFTs worth millions to all their ETH.
With that said, you can still be safe on the blockchain and protect your assets from being stolen. But first, let’s explore the top 5 common Web3 scam tactics:
1. Fake Free Mints
Free mints are really taking off this season, especially with the current status of the bear market. Lots of NFT projects are offering free mints, but so are the attackers. Scammers will provide a false link that is cunningly disguised as the actual minting site, but once you click and connect your wallet to it, they’ll hack into your account and steal everything you own.
2. Dodgy Airdrops
Beware of dodgy airdrops! Some scammers send tokens through “free airdrops” that allow them to perform transactions with your account once you interact with their tokens. It’s very similar to a computer virus that attacks your data once you open that malicious file. In other popular scamming cases, attackers redirect the victim to another site that requires them to connect their wallets in order to access the free tokens, and once again, ladies and gentlemen — that’s how they drain your account.
3. Phishing For Seed Phrases
A seed phrase is a series of words generated by your crypto wallet that enables you to access all the assets in that wallet. Think of it as your ATM pin number, or password for your bank. It’s so important to protect your seed phrase at all costs. Don’t even store it on your iCloud or Google Drive! Once hackers have your seed phrase, they’ll have all the crypto in your wallet too.
Hackers have been trying to get users to reveal their seed phrases through fake Google Ads that direct them to phishing websites, encouraging unsuspecting users to enter their details and seed phrases. There’s even a Twitter bot that asks people to provide their seed phrase as an account recovery step. Don’t fall for it!
4. Ice Phishing
This term applies to tricking users into signing a transaction that approves the user’s tokens to the attacker. It’s a common transaction that enables interactions with DeFi smart contracts, so that the victim is unaware that their transaction has just been tampered with. Scammers will alter the victim’s wallet address to the scammer’s address, and wait patiently for the victim to authorize the transaction.
5. Deceiving Emails and DMs
There’s a reason why every Discord server tells you to NOT entertain private DMs from strangers or click on random links. Attackers will use phishing emails and fraudulent links with false promises of freebies, get-rich-quick schemes, whitelists, and such to entice people to click and connect their wallets, which often results in victims losing thousands to billions.
How to protect yourself against crypto scams
- Never reveal your seed phrases to anyone. Keep them offline, and don’t store them in your phone or computer where they could be tempered with.
- Before committing any transaction, always DYOR (do your own research).
- Transfer your valuable assets to a cold wallet (offline).
- Beware of blind signing.
- Once again, don’t click on any links or DMs you’re unsure of.
We hope you found this helpful, GCC fam! It’s important to stay cautious and educated on Web3 scams so you don’t fall victim to these tactics.