How to NOT Get Scammed Out of $130k in Crypto
Every day, I read about people giving away their seed phrase and losing thousands of dollars on crypto. I’m hoping through this miniseries, I can stop at least one person from losing all their money. And HOLY COW, did someone just lose a ton of money recently. However, not to be callous: how /u/007happyguy lost his crypto could have been easily prevented.
These tips are not 100% foolproof. However, they will stop you from being one of the 99% that lose their crypto to scammers and bots.
#1: NEVER give out your seed phrase
Every person in crypto would be better off having this tattooed to their wrist. It’s that important. It is by far the easiest and most common way to be scammed. Big takeaways about your seed phrase:
- It is not a group of random words that Metamask or Yoroi asks you to keep handy so that you can re-enable access to your wallet. Your seed phrase IS your wallet!
- Giving someone your seed phrase is like giving someone your bank account.
- Unlike your bank, there is no fraud protection if someone takes your seed phrase. They have 100% autonomy over your digital funds.
- Assume that anyone who knows your seed phrase WILL take your money later in the future. Treat friends and family like strangers. If you give your seed to anybody else, your risk grows exponentially until it eventually reaches a malicious party. This does not include seed sharing services like Trezor’s Shamir Backup. However, I haven’t done much research onto the topic. Use services like this at your own risk.
#2. NEVER respond to strangers DM/Direct Messaging you
This problem is already bad enough on reddit. However, it only gets worse the more you get involved on Reddit, Discord and GroupMe crypto communities. This issue is so bad that subreddits like /r/MetaMask talk about DM scams in its first 3 rules.
Reputable defi apps and companies should never need your seed phrase. Any company or “company” spokesperson that asks for sensitive wallet information is bad news. Every service you use should have official support channels. Be mindful of the “Nigerian Prince” scams that haunt the elderly. Crypto DM scams are essentially the same.
#3. Double check URL links and mobile apps
This is commonly known as a phishing scam. Be aware of any links that you click. Websites that look like reddit.com could take you to somewhere completely different. You can hover over hyperlinks to see where a website will redirect you.
If you’re unsure of what link or app to trust, here’s some key take-aways:
- Look at user or download counts, where applicable. Generally speaking, a MetaMask on the app store with +1M downloads is more reputable than one with 10.
- Visit the official Reddit or Discord communities. There should be links to the official channels written by the developers.
- This goes along with Tip #4. Searching “How to use [____]” on Google more than likely will take you to an official dev blog post or Reddit thread with the correct links.
#4. Double check transaction addresses (and keep yourself virus-free)
Sending your crypto to the wrong address is something I would never want to experience. As easy as it is to mistype an address, it’s even easier to lose your crypto to something like a clipboard virus that replaces your address with the virus writer’s own address. Here’s a link to a reddit thread showing the virus in action.
Viruses are rampant nowadays and are sometimes undetectable. There are ways, however, to mitigate your risk.
- Avoid using sketchy websites and apps. Refer to Rule #3 and #5.
- Double check transaction addresses before you send crypto.
- Use anti-virus programs, like MalwareBytes, and have it actively scan for threats.
- If possible, use a separate device for crypto and day-to-day computing. Not using your crypto device for web browsing will reduce the risk of being infected by malware.
If you find that you are infected with a virus, there are steps you can take to safely transfer your crypto. We’ll go into this in our next mini-series: Common Scams and Viruses.
#5. Do Your Own Research (DYOR)
Easier said than done. Knowing what’s reputable and safe is an art. If you’ve ever used the internet in the early 2000s, you probably have already been exposed to fake song downloads and mouse cursor programs that are actually malware.
Be objective in your research. If a liquidity pool is offering 42069% APY on your crypto, there’s an extremely high probability you will be swindled out of your money. Luckily, there are a ton of great communities out there that regularly audit and recommend good projects. I’m sure there are plenty of others out
Following these tips won’t guarantee that you won’t get scammed. They will, however, make sure you don’t fall for the most common scams out there. Being safe allows you to confidently explore the various wonderful, innovative dApps and services out there!
Got a topic you’d like the Harpie team to cover? Drop your suggestions in the chat below.