Don’t Slack. Protect Your ETH.
Recently, there’s been very evil people going around on Slack and trying to scam users.
You guys are all very smart people, but you’re falling for these scams anyways.
Luckily, we’ve thought of a quick and easy solution. What is the solution? STOP USING SLACK. There’s literally no reason for any crypto company to still use Slack. This is true for both technical reasons and security reasons. Remember that Slack was originally created for internal teams, not for outside users. As a result, Slack does not have the same security measures built in as other messaging apps. Slack works fine (though not that great) when you fully trust everyone in it. However, when the Slack server is open to the public, people are able to easily send viruses and scam messages to everyone on the server.
So, what should you be using instead? At Aether United, we use Discord. Discord is great because it was originally built for gamers. The gaming community has been plagued by malicious actors since it’s beginning, so all the tools developed for this community are made to be secure. Discord has several great functions for safety that are very easy to use. We’ll be covering most of them here.
- Block Direct Messages From Strangers
We’ve been taught since our childhood to not talk to strangers. This is especially true online. In Slack servers, many people have received a message similar to “I almost lost all my ETH!!!!! Go to myetherwallet.co to make sure you haven’t lost all your ETH.”
Notice the URL (myetherwallet.co). The real MyEtherWallet url is myetherwallet.com. (Don’t trust me on this. Don’t click that link.). If you click myetherwallet.co, you will arrive to a fake site. EVEN IF IT SAYS MYETHERWALLET.COM, DON’T CLICK IT. MANY PEOPLE DISGUISE THE LINKS. When you enter your private key, it will be sent to their servers, and the evil scammers will buy candy with your ETH. Here’s an easy way to block DM’s on Discord. You can also go to the dropdown menu next to the server and block individual servers from DMs.
(Note:The rest of these are for server moderators looking to switch over to Discord. However, this is good to read anyways so you can go convince and help people to switch over.)
2.Turn On Verification Mode Immediately Before, During, and After Crowdsales
Discord allows you to force members to verify their emails before they are allowed to talk. You can also ensure that they are registered for a set amount of time, or that they have a verified phone number. The nice thing about this is that if you ban a member, their email and/or phone number is also banned, so it is hard for them to return. In our opinion, it’s OK to have an unrestricted server, or a low verification level a while before the crowdsale, but during sensitive times, it definitely should be enabled.
3. Use User Roles
Slack does not have user roles, only Admins and Non-Admins. It’s also hard to tell who is a staff member. While this is fine for small teams, it’s definitely not OK for a public server. With Discord, it’s very easy to setup multiple user levels so that members can tell who is part of the staff. As you can see, we have given our staff members, advisers, and Brand Ambassadors separate roles. This enables us to give the staff special moderation privileges while also ensuring that they are distinguishable. A common Slack scam is to create a user with the same name as a Staff member. (Ex. Making an account with the name VButerin) It’s extremely hard to tell who’s the real person and who’s the fake. With Discord, just assign your Staff a user role, and everyone can tell who they are.
4. Use Moderation Bots
I could write a whole section on setting up moderation bots on Discord. But right now, I would just recommend going to Dynobot and setting it up. You can block specific words, have auto-mute, flood filters, etc. Hopefully, someone who’s better at coding than I am will make an Ethereum specific modbot. (Bounty anyone?)
Bonus
This isn’t absolutely necessary, but it’s useful for preventing any illegal content or sexy clickbait malware from getting onto your server. The scan doesn’t require you to do anything and is a good way for keeping the server safe.
