Edgy - The DeFi Edge 🗡️

@thedefiedge

38 Tweets 34 reads Mar 16, 2022
Crypto Scammers stole $14 billion from people last year.
Follow this checklist to protect you and your funds:
Here's what I'm going to cover:
• Securing your physical devices
• Smart Contract risks
• The top scamming tactics in 2022
• Mindsets
• And I'm going to share tons of examples.
This might be the most important thread you'll ever read.
Let's dive in!
Basics.
A PUBLIC key is kinda like your bank account number. You can send and receive crypto using this address.
Your PRIVATE key is like an ATM Pin to your bank account.
It proves you OWN this account, and allows you to send transactions.
Don't share it.
Seed phrases
When you create a wallet for the first time, they'll give you seed phrases.
Save this and NEVER share it.
If someone has access to your seed phrases, you lose your coins forever.
Once again, NEVER share it.
Buy a Hardware Wallet
These are physical devices that hold your private keys.
No transactions can happen unless you PHYSICALLY confirm them with your wallet.
Say someone hacks you.
They can't do much because they can't confirm the transactions in person.
Your coins are NOT stored on the hardware device.
Your coins are stored on the public ledger.
Your wallet and Hardware device are the KEYS to get you access to your funds.
So if your Ledger gets lost, you still have access to your $ as long as you have the seed phrases.
Which Wallet Should You Buy?
Buy a @ledger nano S straight from the website.
DO NOT buy from Amazon or resellers
(they can compromise the device before selling it to you).
If you can afford it, grab the Nano X over the Nano S.
More storage and a sleeker interface.
"Ser, how do I use a Hardware Wallet to do DeFi?"
Most hot wallets will allow you to connect with a device.
Here's an example from MetaMask.
These two combined allow you to use DeFi with the security of a hardware wallet.
Ledger's 25th word
@Ledger has an advanced feature that lets you create a secret 25th password.
Warning: this is advanced and not necessary for most people.
But I wanted to share this with those who don't know.
Don't let your seed phrases exist in the digital world.
• Don't store them on dropbox
• Don't store them on a USB stick
• Don't store them on your password manager.
Write your seed phrases down.
But not on paper...
Store Seed Phrases on Metal
Most people write their seed phrases on sheets of paper. What happens if there's water or fire damage?
Keep your seed phrases on steel.
I bought a bunch of these from Amazon.
BTW, there are cheaper options out there like an engraving pen.
Shamir's Secret Sharing
You break your seed phrases into parts. Distribute them to different people/places.
And to get access, you need 3 out of 5 (customizable)
It's kinda like Lord Voldemort broke his soul into different pieces and put them in the Horcrux.
@cryptosteel
Where to hide your seed phrases?
Don't store them in a safe - too obvious.
Get creative on where you hide them.
I read that someone freezes his Seed Phrases in tomato soups, and stores them at the bottom of his deep freezer.
p.s. safety deposit boxes are NOT safe
Secure your Accounts w/ 2FA
Use Google's Authenticator app.
DO NOT use SMS authentication.
Hackers can get a duplicate sim card from your phone company. (Because phone companies are fucking stupid)
And then bypass your 2FA.
Use the Google Authenticator app ONLY.
Transact on a Separate Device
I have a main laptop that I do everything on.
I own a separate laptop just for transactions.
In case my main laptop gets compromised, all they can steal is my hentai collection.
I'll be sad, but my coins will be safe at least.
Operating System
Most people are using Windows, Mac, or Chrome OS.
There are operating systems that are designed for privacy and security.
@QubesOS
@Tails_live
You can use a Win / Mac as your main device, and use a more secure OS for your Crypto transactions.
Always Use a VPN
VPNs are like the condoms of the internet.
NEVER use public wifi without a VPN.
The most secure is @mullvadnet.
They keep ZERO information about you or anything to identify you.
Install Firewall Software
Think of it as a "shield" for your internet.
Every incoming/outgoing action must be approved or added to the white list.
Windows: Win10 has an amazing built-in Firewall
Mac: I recommend @littlesnitch aka Tekashi69's favorite software.
Limit Smart Contract Spending
Some smart contracts allow a protocol to spend an INFINITE amount of money.
You're giving a blank check to a stranger.
You can set limits with the Custom Spending Limit feature.
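What the "blank check" looks like in the transaction itself, as an added Python example that is not part of the original thread: it decodes the calldata of a standard ERC-20 `approve(address,uint256)` call and flags an unlimited or larger-than-intended allowance before you sign. The spender address and both calldata strings are constructed samples, and `inspect_approval` is a hypothetical helper name.

```python
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")  # approve(address,uint256)
MAX_UINT256 = 2**256 - 1                      # the "infinite" allowance value

def inspect_approval(calldata_hex, decimals, intended_tokens):
    """Decode ERC-20 approve() calldata and compare the allowance
    with the number of whole tokens you actually meant to allow."""
    raw = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    data = bytes.fromhex(raw)
    if len(data) != 4 + 32 + 32:
        raise ValueError("not a plain approve() call: wrong length")
    if data[:4] != APPROVE_SELECTOR:
        raise ValueError("not an approve() call: selector mismatch")
    if any(data[4:16]):
        raise ValueError("malformed address argument")
    amount = int.from_bytes(data[36:68], "big")
    return {
        "spender": "0x" + data[16:36].hex(),
        "amount": amount,
        "unlimited": amount == MAX_UINT256,
        "over_intended": amount > intended_tokens * 10**decimals,
    }

# Constructed samples: placeholder spender, token with 6 decimals.
SPENDER = "11" * 20
UNLIMITED_CALL = "0x095ea7b3" + "00" * 12 + SPENDER + "ff" * 32
CAPPED_CALL = "0x095ea7b3" + "00" * 12 + SPENDER + format(100 * 10**6, "064x")

if __name__ == "__main__":
    for name, call in (("unlimited", UNLIMITED_CALL), ("capped", CAPPED_CALL)):
        print(name, inspect_approval(call, decimals=6, intended_tokens=100))
```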
Watch out for "fake" sites
Once you find the right site, BOOKMARK it in your browser.
Use the official website to find the links to the official discords, telegrams, etc.
Common fake sites include:
• Fake protocols
• Fake exchanges
• Fake wallet sites
Keep your funds off Central Exchanges
CEX's get hacked.
They can also freeze your account and KYC you to death.
You can buy coins from CEX's, but send them to your wallet as soon as possible.
"Not your keys, not your coins"
Official places can get Hacked
• Elon's account was hacked last year. The bad actors did a Bitcoin giveaway scam.
• Hackers target official discords now.
Don't fomo into things. Verify with others first.
Be careful of email phishing attacks.
Crypto-related websites are always getting hacked. Bad actors email databases of Crypto users.
And then send ppl to scam sites.
Create a new email just for Crypto - I suggest @protonmail.
Always send a little bit 1st
Whenever you're sending a transaction, always send a small amount first as a test.
Verify that it goes through to the right address.
Even @VitalikButerin sends test transactions.
Do the addresses match?
Some viruses can hijack your Clipboard to insert their own addresses.
Whenever you're sending a transaction, make sure it's to the right address.
Don't be lazy and verify just the last 4 digits of the address.
Read and verify the whole thing.
Dust Attacks
Have you ever received unknown tokens out of nowhere into your wallet?
It could be a dust attack.
They're trying to trick you into interacting with it.
There could be malicious code in the smart contracts.
Don't move it.
Don't touch it.
Revoke Contracts
A protocol gets exploited. You're vulnerable. At that point, you should end the contract.
You can use apps like @zapper_fi or @Rabby_io to revoke contracts or go to ecosystem scanners.
For ETH, use @Etherscan
For AVAX, use @SnowTraceHQ
Don't blindly connect your wallet to websites
You don't know what these protocols can do once they have access to your wallet.
• Always make sure you're on the official website.
• Don't connect unless you have a specific reason to.
• Disconnect once you're done.
Social Engineering
You can have the best security in the world, but you can still fall for scams and cons.
Remember...conmen and scammers do this for a LIVING.
Let's look at popular ways of social engineering.
Fake YouTube Live Streams
Scammers will record a REAL stream with prominent people.
They will then upload the replay, and add a fake overlay on top.
Directing people to a scam site in order to get their seed phrases.
Fake Customer Support
Scammers are looking for people who need help on Discord, Telegram, Twitter, Reddit, etc.
They will have fake accounts pretending to help.
They direct people to scam websites that look like the real thing.
Influencer Scams
It's a bear market - rent is due soon for those high-rise condos.
Watch out for all the different ways that influencers scam.
Abusing Credibility
People can easily photoshop images and videos.
This is going to become even worse as deep fake technology evolves.
Here's a simple photoshop scam using Vitalik
Don't Talk About Crypto IRL
Inflation's at an all-time high.
Crime rates are going up.
Talking about Crypto in real life puts a target on your back. It makes your home a target for burglaries.
Don't make Crypto your personality - no one cares.
Trust Must be EARNED
DO NOT blindly trust anyone in this space.
• Why would someone DM you to help?
• If someone is making money, why would they help you 1 on 1 for free?
If it's too good to be true, then it is.
This was exhausting to write.
I researched stories of different people losing their life savings from these tactics.
Remember that behind every tactic I share, are tons of people who got REKT'ed.
Learn from their mistakes.
It's your responsibility to protect your funds.
That's it for today!
Bookmark this if you want to re-visit it again.
If you want more awesome content, subscribe to my emails over at thedefiedge.com
Oh, and one more thing.
It'd mean a lot to me if you could like/retweet the 1st tweet linked below.
Help your frens not get rekt'ed!
