Web3 anti-fraud security knowledge part 2: Cognitive Bias
The general scam routine is divided into 3 steps:
- Dangle enticing benefits that are hard to turn down, and make promises ahead of time.
- Isolate you from your own information sources, so that you fall into an information island.
- Pressure you to make a decision ASAP, and sell the scam.
0x01 Specific behavior
Cognitive biases, sometimes referred to as “human hardware vulnerabilities”, are sufficient to enable numerous attack vectors, some of which include:
- Confederate: A confederate can create a false situation, forcing victims to reveal information that they are usually reluctant to disclose. For example, scammers make it look as if the NFTs on a fake mint website are about to sell out, urging the victim to mint as soon as possible, connect their wallet and grant the authorization.
- Online fraud: The scammer communicates via chat under another identity and gradually relaxes the other party's vigilance, obtaining the desired information step by step, as in a pig-butchering scam.
- Bait: To obtain confidential information, the scammer pretends to be a well-known NFT project party or artist and tricks the victim into purchasing an NFT on OpenSea, in order to obtain the authorization by deception and then commit the fraud.
- Equivalent exchange: Fraudsters pretend to be technicians or questionnaire investigators and ask the victim for key information such as passwords, private keys, or the mnemonic phrase, under the pretense of helping to solve certain problems or giving material rewards. Attackers may also masquerade as company technical support staff to “help” resolve technical issues, and slowly steal information.
0x02 What is Cognitive Bias
A cognitive bias is a systematic error in thinking that occurs when people are processing and interpreting information in the world around them and affects the decisions and judgments that they make.
The human brain is powerful but subject to limitations. Cognitive biases are often a result of your brain’s attempt to simplify information processing. Biases often work as rules of thumb that help you make sense of the world and reach decisions with relative speed.
0x03 Scenario of fraud
Recently, the popular NFT project Moonbirds sent a private message on Twitter, and the floor price was as high as 18 ETH. Moonbirds tweeted that Moonbirds had been successfully released and that, to give back to NFT players for their support, 1000 lucky followers were being chosen for an NFT airdrop: the number is limited, hurry up. I think most people who encountered this situation would be very excited and would definitely click “Collect Wallet”.
The victim checked the wallet but found nothing there, and then opened OpenSea to check his NFTs. At this point, he found that his whole series of high-quality NFTs had disappeared. (True story.)
- Scammers use hot topics and popular NFTs to defraud NFT beginners and NFT holders.
- Through a well-known Twitter account, the victim’s authorization was obtained using a well-designed phishing website, and the victim’s NFT assets were transferred.
0x04 Anti-fraud strategy
Pay attention to identifying accounts on Twitter. Phishing accounts generally have the following characteristics.
- They are certified and claim to be an early investor or (co-) founders of a large project.
- The account was created very early but has only a few tweets and has become active only recently, such as an account registered ten years ago that has only sent dozens of tweets in the last month.
- They write a lot of the comments themselves.
- Don’t blindly trust well-known Twitter accounts. The number of followers a person has has nothing to do with their personal credibility, let alone their “influence”, and the number of followers can be faked at will.
- Research every project you plan to mint as thoroughly as possible to determine the correct mint time and price, and be prepared in advance.
- MINT: Minting an NFT is the most common method for the official pre-sale and public sale of NFTs. When confirmed, the corresponding fee (NFT selling price + gas fee) will be deducted from your wallet, and you will receive the corresponding NFT.
- SENDING ETH: An ETH transfer. When confirmed, a certain amount of ETH will be transferred from your wallet.
- SET APPROVAL FOR ALL: Authorizes a certain address to manage a certain type of NFT. When confirmed, that address can transfer all NFTs of this type in your wallet.
- SENDING ETH
- SET APPROVAL FOR ALL
- TRANSFER FROM/SAFE TRANSFER FROM
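
The following added example, which is not code from the original article, classifies a raw transaction request into the types listed above by its 4-byte function selector, so the request can be checked before it is signed. It assumes the target is an ERC-721 NFT contract; the function names, risk labels and sample addresses are made up for illustration.

```javascript
// Added example (not from the original article): classify a transaction
// request by its 4-byte function selector before signing it.
const SELECTORS = {
  "0xa22cb465": "SET APPROVAL FOR ALL", // setApprovalForAll(address,bool)
  "0x23b872dd": "TRANSFER FROM",        // transferFrom(address,address,uint256)
  "0x42842e0e": "SAFE TRANSFER FROM",   // safeTransferFrom(address,address,uint256)
  "0xb88d4fde": "SAFE TRANSFER FROM",   // safeTransferFrom(address,address,uint256,bytes)
};

// Return the n-th 32-byte ABI argument (as 64 hex chars) after the selector.
function word(data, n) {
  const w = data.slice(10 + 64 * n, 74 + 64 * n);
  if (w.length !== 64) throw new Error("calldata truncated");
  return w;
}
const toAddress = (w) => "0x" + w.slice(24); // address = low 20 bytes of the word

function classifyTx(tx) {
  const data = (tx.data || "0x").toLowerCase();
  const value = BigInt(tx.value || 0);
  if (data === "0x") { // no calldata: a plain ETH transfer
    return { kind: "SENDING ETH", risk: value > 0n ? "medium" : "low",
             detail: `sends ${value} wei to ${tx.to}` };
  }
  const kind = SELECTORS[data.slice(0, 10)];
  if (!kind) { // mint functions differ per project, so a mint lands here
    return { kind: "UNKNOWN CALL", risk: "medium",
             detail: `selector ${data.slice(0, 10)}: confirm ${tx.to} is the official contract` };
  }
  if (kind === "SET APPROVAL FOR ALL") {
    const operator = toAddress(word(data, 0));
    const approved = BigInt("0x" + word(data, 1)) !== 0n;
    return approved
      ? { kind, risk: "high", detail: `${operator} could move every NFT you hold in ${tx.to}` }
      : { kind, risk: "low", detail: `revokes ${operator} on ${tx.to}` };
  }
  const tokenId = BigInt("0x" + word(data, 2)); // args: from, to, tokenId
  return { kind, risk: "high",
           detail: `moves token ${tokenId} from ${toAddress(word(data, 0))} to ${toAddress(word(data, 1))}` };
}

// Constructed sample: a setApprovalForAll request like the one in the scenario (made-up addresses).
const SAMPLE_REQUEST = {
  to: "0x" + "11".repeat(20), value: "0",
  data: "0xa22cb465" + "0".repeat(24) + "22".repeat(20) + "0".repeat(63) + "1",
};
console.log(classifyTx(SAMPLE_REQUEST));
```

A free airdrop or mint has no reason to raise a SET APPROVAL FOR ALL request with `approved = true`; seeing one on a "claim" page is the signal to reject.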