How to not get scammed in crypto

Consumers lost over $5.8 BILLION to fraud

Don't want to be included in calculations above? Read this!

Main rules

1. Do not share your seed phrase with anyone. DO NOT. If you are using ACO services (mint for you using bot) - send private key from your burner.

2. Burner? Burner is a wallet used for various dirty and dangerous situations where you can get scammed. Nothing is stored on it.

You should have a clear separation of wallets:

The main wallet, which is used ONLY for storing money and NFTs, ideally a cold wallet.
And the burner wallets that you use only for minting, buying, selling, putting your D in the unknown hole etc.

To emphasize again - mint only using burners with the exact amount of money needed for mint and nothing else.

3. THINK and don't hurry. This is the most important and universal rule.

Random dude offering you to buy your NFT 1.5x fp price. Why is he doing it?

Random dude rushing the trade and want to close quickly. Why is he hurrying?

Random dude offering his own middleman instead of a well-known one. Why you don't know this middleman?

And so on. THINK.

4. If you are doing something for the first time/not sure - ask whether it is scam or not in chat. People will help you

Types of scam

Now let's go directly to practice so that you can identify the scam before your head even start thinking. I must say right away that it is impossible to make the whole list. The scammers are constantly evolving and coming up with new and new ways to take your money. Below are the most common ones that you are most likely to stumble upon.

1. Links in DMs

You joined the discord server of some random project. And suddenly, what a luck!!! You won WL/BTC/ETH/million dollars/ a lambo etc. Scammers use bots to mass send DMs to new comers and say that they won something, or the stealth mint just started and they need to mint RIGHT NOW. If you go to their link and do something there - you will 100% get scammed. I won't describe how exactly, you can ping me in chat and ask (AstralEX#6636)

Also you can get a message from fake verification bot that will ask to scan QR-code. Don't do this.

Yes, there are some dumb bots that send you a captcha in DM, but they don't ask you to click on links. (I wonder how many people got scammed because of their developers)

How to protect?

• Don't click on random links
• Don't be stupid. How is it even possible to believe this???
• Close DMs if you don't want to think

2. Discord server hacks. Drainers.

It happens that some not brain-cells-gifted admins of servers get L on the scam described above, or on the scam described below and their discord accounts got stolen. After that, the attacker posts the announcement like "We decided to mint earlier, here is the link, not many supply is left" and attack the link with the drainer (it's the thing that will drain all money from your wallet, after you preliminarily agree with it)

Sometimes some projects right from the start designed to scam (usually free mints), where instead of free nft, you receive a money-free wallet ;)

Solana free mint = no brainer + no drainer pls

How to protect yourself?

• Check the address of the mint site (it can be launchnymft.io instead of launchmynft.io for example).
• Before you confirm the transaction, read what you give and what you receive.
• Use burner of course.
• Take your time, think.

3. Fake servers, twitter accounts and websites.

Fake servers:

In the old days, the meta of "Closed Discords" was very popular to attract more FOMO = more apes. How it worked: project posts a link from the private discord for 5-10 minutes and those who managed to get in now can grind for their whitelist. After this time, the discord link is deleted.
However, the poor founders did not take into account that if you boost enough server, you will be able to create a link you want. And now the SZNdroiD code does not lead to a real server, but to a fake one, where nothing but the announcement that the tells you TO MINT NOW, 5 NFTS LEFT LFG / IN ORDER TO GET WL TOKEN - GO TO THIS WEBSITE, 10 SPOTS LEFT (a fake FFF is specially created for this), but there is a drainer that sucks all the money like a vampire.

This is called "Link hijack"

How to protect? - like in the paragraph above.

It also possible that a server is created not for the draining, but for the stealing of accounts. To do this, a fake verification bot is used, which throws you to the third-party website and asks you to enter log+pass / scan a QR code, which will then give hacker access to your account bypassing 2FA. The only normal verification bot via a third-party site - https://captcha.bot, everything else is a scam.

How to protect yourself? - check domains, do not scan QR codes, read what you do and think.

Fake twitter accounts:

Scammers create twitter account - a copy of the original one. Change some letters: l (lowercase "L") to I (uppercase "i"), bot followers, likes, retweets, do a bit of a marketing and you can screw up dudes. You can usually stumble upon them when someone tags you under their post.

In order to not get rekt - think and check usernames.

4. NFT Trade

Was really popular before the 0% royalties.

You are selling NFT in the trading channel of a server. A person writes to you that he is ready to buy it for 1.5x fp, backing it up with any arguments. The middleman in such transactions is either FFF or yawww with their exchange tool.

How can you be scammed?

• They slip fake NFT - always check the metadata.
• They send a link to a fake website - check domains.

In order not to fall for either, always offer the trade first, check the metadata, take your time and think. When you trade for the first time - better ask for advise.

5. Target Attack

The scariest thing is when someone has a goal to scam or hack exactly you as a person. To do this, all means are used - social engineering, ingratiating with the trust, targeted hacking, broot, etc.
It is almost impossible to fully protect yourself, but what this should help:

• Do not store passwords, seed phrases and private keys on the Internet
• Use different passwords
• Two-factor authentication is very important. Just turn it on everywhere - it cost you nothing.
• If your mail got hacked - you fucked. Take care.
• Buy ledger ASAP and store everything there.
• Don't make enemies.
• Don't trust anyone on the Internet.

Example of a dangerous and popular target attack:
You receive a DM from a founder of a cool and developed project that offers you a huge salary for stupid moderation job. He asks you to pass verification by scanning qr code/logging in some random website or asks to download their app. You know what's gonna happen ;)

Note that they can bot literally everything. Discord, founder's accounts, founder's twitter accounts, other team members, twitter etc etc. So don't be distructed by big numbers.

6. Do not download bullshit

Install antivirus

7. Scam NFTs

Here, the range is limitless. Fake airdrops, giveaways, loot boxes, mints, etc. that are advertised by sending scam NFT to your wallet.
A slightly more dangerous is a targeted scam, when, for example, hold and Astrals NFT and they send you an NFT that says that there are a kind of airdrop exclusively for holders of this project. "Go claim/mint/sign"

How to protect yourself - do not touch the NFT that came to you from nowhere. Founders always announce all airdrops, you won't miss anything.

If you want to check it, follow the tips above (THINK, check the transaction, verify domains, do not enter data, etc.).

Where to put them? BURN🔥

To sum up.

1. Think.
2. Think with your head.
3. Do not hurry.
4. What's the point?
5. Use burners. Store money on ledger.
6. Check transactions and domains.
7. Use 2FA.
8. Download good antivirus.
9. Protect your email.
10. Always ask if you don't understand something.

Also, I was constantly speaking about someone who can help you. But who??? It's me on my twitter!

10kdrop — a tool and academy for retrodrop hunters