Gone Phishing — Why Free Airdrops Could Actually Drain You of All the Crypto You Own
As the audience for cryptocurrencies, blockchain, NFTs, and more have grown, so too have the number of projects, applications, and solutions to attract and wow new entrants to this growing space. As all newcomers to the crypto seen have undoubtedly experienced, it quickly becomes overwhelming the amount of information, news, and other content that one has access to while trying to figure out the industry.
For many new entrants, it may take weeks, if not months, to feel even remotely confident in understanding how a part of the industry works, and in that span of time, those same individuals will have been exposed to several new topics, projects, and more, in an attempt to get them to invest or participate in a particular sub-economy.
It is of little surprise then, that given the complexity of blockchain and the steep learning curve for users to jump on to, that scammers and fraudsters alike have also poured into the space — eager to separate inexperienced crypto participants from their money.
One such exploit appearing with increasing frequency towards the end of 2021 was around the concept of free airdrops. A legitimate practice if properly used, free airdrops can also prove to be extremely dangerous — especially for the inexperienced user. Below we cover what airdrops are, how they can legitimately function, and when they should be viewed with extreme caution.
What are Airdrops?
In general, crypto airdrops are where blockchain based projects send out free tokens to members of their communities as part of a broader marketing initiative. From rewarding existing token holders with other free tokens, to dropping assets into wallets after collecting wallet addresses — airdrops are one of the most exciting aspects of the industry for crypto participants.
In the analog world, this would be equivalent to receiving a coupon in the mail for a free banana split sundae at the local ice cream shop. Just by being an inhabitant in the surrounding area, residents would be the recipients of promotions and other benefits, in an effort for local organizations to “drum up” business.
Similarly, in the Web3 digital world, crypto airdrops are a way for projects to reward supporters with something for free. This “something”, in the form of tokens, can be used in various ways. This would include redeeming the tokens for other assets, holding the tokens in anticipation of appreciation in value, or selling the tokens to take some immediate “free” profit.
How Do Crypto Airdrops Generally Work?
Since airdrops are seen as marketing driven initiatives, it is common for projects to require individuals who are interested in receiving an airdrop to complete a series of tasks before “qualifying” for the free drop. Such tasks might include — retweeting messages, inviting a certain number of new users to the project, participating in a competition, and more. Once an individual has met a set of qualifications, the project would then add the person to the list of airdrop recipients.
Another way is through taking a blockchain snapshot of all holders of a particular asset at a given time, and then allowing users to claim their free rewards if they were considered a holder of the asset at the time of the snapshot. This method is growing within increasing popularity, especially as NFTs have taken off and NFT projects look to reward their holders with free assets.
Despite the excitement around this process and the growing popularity of such marketing tactics, these transactions are not as risk-free as they might seem on the surface.
Hidden Dangers of Unsolicited Crypto Airdrops
It is difficult to turn down free stuff — especially when those things could have value in a marketplace. And when new tokens or assets appear in one’s crypto wallet, it is natural to feel a combination of excitement and curiosity — especially if the drop is unexpected and contains tokens which are not known to the user. The first response of many recipients is to go understand what it is that they have received, how much it may be worth, and how to act next with these newly received tokens.
While this may be good and fine for drops related to legitimate projects — fraudsters pray on the same emotions of crypto holders with the intent to steal.
In an illegitimate airdrop, scammers may mint a malicious new token, send it to a targeted set of users, and pray on their curiosities to find out more about what it is which they have received.
Receivers of these tokens may be tempted to immediately perform an exchange of their token for other cryptos (e.g. ETH, USDT, or others), but will quickly find that they are not able to. When the transaction to exchange the airdropped token on a trusted exchange fails, the user may review the transaction details and find “guidance” for the user to visit the scammer’s webpage to perform the exchange.
Alternatively, users may also begin searching online about these tokens, and eventually come across the same scammer’s webpage which contains all of the details of the token — including the logo, the airdrop which just took place, and more.
The fraudulent webpage may ask users to connect their wallet to the page — to get the victims to eventually transact with the scammers, thereby stealing the victim’s money. To power these transactions, the fraudster may ask the victim to pay expensive fees (with legitimate cryptocurrencies) so that the exchange of the fake token can occur. Needless to say, those who approve this access and these transactions are at great risk of losing everything in their connected crypto wallet.
Protecting Yourself — Healthy Skepticism, DYOR, and Blockchain Monitoring
While the old adage of “nothing in life is free” might generally be true, the crypto world has introduced new dynamics into our daily lives. With the industry still in its infancy stages, there actually is a lot of free stuff in crypto. Arguably, the cost of these free things are the recipient’s attention, but nevertheless, events like crypto airdrops are often unsolicited, unexpected, and even valuable for the potentially lucky recipient.
As mentioned previously, there are legitimate projects which perform airdrops for their token holders. These airdrops should be viewed positively, as such rewards build project communities and generate hype for the overall goals of the project.
However, airdrops which have no association with any existing tokens which a user is holding (or which the user has no affiliation), should be viewed with extreme caution. If not careful, a wallet holder’s curiosity may just be enough to lead them to lose all of their crypto. As always, in this industry, do your own research (DYOR), be skeptical, and ensure that what has been received is legitimate. If the results are inconclusive, it is better to not touch the asset at all (scammers can’t do anything to your wallet if you don’t move the fraudulent asset).
Further, users should consider implementing a blockchain monitoring solution for their wallets. A crypto monitor allows wallet holders to be informed in real-time whenever a transaction is impacting their particular address. While blockchain monitoring doesn’t prevent scammers from sending fake tokens, a crypto monitor does alert a user when tokens enter into their wallet — thereby informing them that something has happened at a particular moment, instead of opening a wallet weeks later to wonder where a particular token had come from, and if it was tied to various other projects which the user might currently be vested in. A good crypto monitoring solution will inform users immediately when an asset has been received — and the user can use that information to determine whether or not it was expected or not.
While blockchain monitoring solutions may seem complicated on the surface, well designed crypto monitoring tools are easy to implement and can be done so in just a few minutes. In particular, PARSIQ’s blockchain monitoring tool is one such solution, wherein a user can sign-up for a free account, enter the addresses which they wish to have the crypto monitor set for, and then quickly set the triggers — all in a matter of minutes.
By taking just a few minutes to set up a blockchain monitor, users can add one more tool in their portfolio to ensure that they have additional measures in place to inform and protect their portfolio holdings.
Airdrops are Exciting — But Due Diligence is Always Required in Crypto, Even After Owning an Asset
Crypto airdrops are an exciting an innovative tool in the world of Web3. As mentioned previously, they can be viewed somewhat as the digital world’s equivalent of receiving free coupons in the mail. With many new blockchain projects on the horizon, and existing ones which wish to continue to reward, incentivize, and motivate their project base, airdrops are here to stay.
However, as in any industry, users should always remember that there are nefarious characters out to steal and take advantage of those who are less informed. It is better to miss out on an opportunity than to FOMO on something not well understood, only to see a wallet be fully drained of its hard-earned assets.
Users should question everything that appears in their wallet unexpectedly, and perform the necessary due diligence before even touching the asset. For extra security, blockchain monitoring solutions should be considered. As individuals may not be looking at their wallets daily, having a crypto monitor inform them of when a new token has appeared will increase the likelihood that the person is not confused at a later point regarding whether or not the dropped asset may be related to another project which the user is interested in. Along with a healthy dose of skepticism, crypto participants can ensure that they navigate the space safely and securely.
