NFTs are one of the foundations of web3. This series will introduce NFTs through 30 short articles, allowing everyone to understand and master the relevant knowledge about NFTs from scratch.
In previous articles, we have repeatedly emphasized the importance of security in the crypto field. One small mistake could lead you into a dark forest, so you must always remain vigilant. In this article, we will learn about some common scams.
Since mnemonic phrases are crucial for controlling digital wallets, we must ensure their security and privacy. Keep the mnemonic phrase stored in a secure offline location and remember to make backups!
The second method we will discuss to prevent scams is to repeatedly confirm the content of a transaction before signing it. Many people have unknowingly clicked on the Metamask pop-up and completed a transaction without knowing its content, resulting in the loss of all assets in their wallets. I don't want you to experience such a situation, so make sure to read and understand the content of the transaction you are signing before confirming it.
However, the most common scam in the NFT space is clicking on malicious links. This happens every day and has resulted in the theft of millions of dollars worth of assets. Scammers often send harmful links through various social channels such as Twitter DMs, Discord DMs, and sometimes even emails. They claim that you can claim free NFTs through the link. Once you click on the link, you may be directed to a scam webpage. When you sign a transaction request from that webpage on your digital wallet, the bad actors will attack your wallet and transfer all your NFTs and assets to their own wallet.
Fraudulent Discord channels are also places where malicious links may exist. Unless it is an official announcement from the project, do not click on links posted by others in the channel, especially those claiming to offer free NFTs.
Because many of us instinctively click on links without thinking, avoiding all malicious scams is extremely challenging. However, the more challenging it is, the more security measures we must learn to protect our digital assets. Here are some key points to remember to prevent fraud:
- Make sure the person sending the link is trustworthy and ensure that the message is from the actual account owner you know. Scammers often impersonate others by copying their names and avatars.
- If you visit a project's official website, make sure you obtain the URL from the official account's promotion. One common scam is using websites similar to popular projects to deceive people, with only slight differences in the URL. If you're not careful, you may suffer asset losses, for example, a popular project's legitimate website is "testproduct.xyz," while the scam website is "testproduot.xyz."
- If you arrive at a project's website after clicking on a link and it promotes something like free minting, but it sounds too good to be true, be cautious.
- If the person or project forcing you to click on a link triggers FOMO (fear of missing out) to some extent, be vigilant. There is a high possibility of it being a scam.
The dark side of the crypto world is that not clicking on links does not guarantee your safety. Scammers and bad actors constantly develop new strategies and technologies to exploit others. The only thing we can do is acknowledge the presence of insecurity in the environment we are in and always remain vigilant and cautious.
More resources:
-
If you have ten minutes, here is a detailed Twitter thread about digital wallet security: https://twitter.com/punk6529/status/1461742366696652809
-
If you have thirteen minutes, here is a video by Zeneca explaining how to stay safe in the NFT space: https://www.youtube.com/watch?v=4rP7tHFLX8A
-
If you have five minutes, here is a quick overview of the most common types of scams: https://twitter.com/PocketUniverseZ/status/1581787383812345858
You can also find me in these places:
Digital Land: Hoodrh
Mirror: Hoodrh
Twitter: Hoodrh
Jike: Hoodrh
XLog: Hoodrh
SubStack: Hoodrh
Nostr: npub1e9euzeaeyten7926t2ecmuxkv3l55vefz48jdlsqgcjzwnvykfusmj820c