General
Be careful out there! We explain you all about phishing and other threats!
Some time ago we explained you the top 14 scams and how to avoid them, in this in-depth article:
14 Types of scams and how to avoid them. – DEXTools
Crypto and DeFi scams have been multiplying lately, from the most common and soft to the most intricate.
We remind you of some of the most dangerous ones, so that you can be alert and safe. With an emphasis on phishing, a type of scam that started outside the crypto world but has become very present in crypto lately, becoming increasingly sophisticated. For example on X (former Twitter), of which we will give you examples as well later on.
In DEXTools we consider security one of our main concerns, and for this reason we provide you with a useful token score and the best audit tools. But remember: always Do Your Own Research (DYOR). Security starts with you!
In this Academy video you will find some good security tips.
And now, let’s talk about some dangerous scams…
5 most common scams: be careful out there
1-Rug pull: token team withdraws liquidity.
- To avoid this, you must investigate the project team. Check liquidity lock… and use DEXTools!
2-Honeypot: this is the most common scam. A type of rug-pull in which the token allows buying but not selling.
- Check the smart contract and transactions. Investigate the project and verify the proxies!
3-Dusting: they are malicious airdrops. They act like a Trojan: if you approve the token in a DEX (allowance), then the scammers will have access to your funds.
- Avoid it by not approving unknown tokens: unapproved tokens are harmless. Research token and social information and check liquidity!
4-Address poisoning: these are transactions that take advantage of the singular properties of the blockchain to mislead users.
- To protect yourself from this scam, always double check your transaction data to prevent transferring funds to the incorrect address by mistake.
5- Botting: the scammer leaves all funds in a wallet without gas, and the user sends some gas, which is redirected to the scammer’s wallet.
- To safeguard yourself, take care of your private keys and remove allowances. Check transactions and do not approve unknown contracts!
Phishing, a common scam that has become increasingly sophisticated.
- Phishing in crypto are fraudulent attempts to obtain sensitive information, such as usernames, passwords, or private keys, by posing as a legitimate entity.
- Phishing attacks in the crypto space can lead to unauthorized access to users’ funds, identity theft, or other malicious activities.
- These attempts are often carried out through websites or other digital communications that mimic trusted platforms.
The case of X (formerly Twitter)
Lately, impersonations on the X platform have been abounding, so we warn you especially about these ones!
The most common scams on X (formerly Twitter) are as follows:
Honeypot Accounts
- They lure users with DMs, targeting individuals in crypto scams.
False Airdrop Announcements:
- Every day, numerous fake airdrops appear on X and other platforms, promoted by supposedly trustworthy and verified profiles.
Scams through Verified Profile on X
- Exploit trust in notable figures within the Crypto and NFT space. Enthusiasts often follow these accounts on X trustingly.
Fake Art Commissions
- They target digital artists, distributing malware-laden files.
Play-to-Earn games:
- Malicious play-to-win (P2E) game projects with a profile on the X platform are emerging. They use malware hidden in their files, specifically designed to steal users’ data and browser extensions.
Front-Running Scams
- They entice users with notifications on X, transferring funds to the perpetrator’s addresses.
Here’s how phishing in crypto usually works:
- Fake Websites: Phishers create fake websites that imitate popular cryptocurrency exchanges, wallets, or ICO (Initial Coin Offering) pages.
These websites are designed to look identical to the real ones, making it difficult for users to distinguish between them. Unsuspecting users may unknowingly input their login details or private keys into these fake websites, allowing the attackers to steal their funds.
- Social Engineering: Phishers may also resort to social engineering tactics to manipulate users into revealing their sensitive information.
This could involve impersonating customer support representatives or influential figures within the crypto community to gain users’ trust and persuade them to disclose their login credentials or private keys.
- Malicious Software: Phishing attacks can also involve the distribution of malicious software, such as keyloggers or remote access trojans (RATs), which can capture users’ keystrokes or give attackers remote access to their devices.
These malware programs may be disguised as cryptocurrency wallets or trading applications, tricking users into installing them on their devices.
How to protect yourself against phishing attacks (and from other scams) in crypto-space.
- Always verify the legitimacy of websites, interactions on platforms such as X and, in general, communications of all kinds before providing any sensitive information.
- Use hardware wallets or reputable software wallets with strong security measures to store their cryptocurrencies.
- Enable two-factor authentication (2FA) wherever possible to add an extra layer of security to their accounts.
- Keep your devices and software up to date with the latest security patches and antivirus protection.
- Be cautious of unsolicited communications or offers that seem too good to be true, as they may be attempts to lure them into phishing scams.
Conclusion: be well informed and don’t be fooled.
Well, we have explained to you some of the most dangerous scams and how to avoid them.
- There are a multitude of them, including “softer” ones such as soft rug (token’s team disappears leaving part of the liquidity), limit on sell (a “light” version of Honeypot, where the token has limits on buying and selling), Frontrunning bots (when you buy or sell, they mimic you in the same block, to make you pay more and take the difference), etc.
The list is huge, and so should be your caution.
Thank you for trusting us and stay safe!
