Cryptocurrencies are all the rage right now, and with good reason: they hold the potential to revolutionise how we do business online. However, this also makes them a prime target for scammers. If you’re not careful, you could end up losing your hard-earned money to a crypto scam. However, if you follow these 10 tips, you are far less likely to fall victim to scams or other unfortunate errors that will result in your hard earned bread disappearing forever.
1. Access your most used crypto sites using bookmarks
You’re excited. You’ve just discovered a token that’s about to blow up, but it is not even in any of the swap sites yet (Uniswap, Pancakeswap etc.). Nor is it in Trust Wallet or Metamask. You absolutely cannot wait to get your hands on this money printer!
A good strategy is to bookmark all the regularly used legit crypto sites on your browser, such as coinmarketcap.com or coingecko.com. Each time you access a site you want, you do it through the bookmarked tab. That way you minimize the chance of making an error and visiting the wrong site, designed to steal your hard earned bread.
Think you are too smart or experienced to fall for this one? Well, think about it this way. You have a hard 8 hour day at work, followed by a tough gym session after work. You get home, look after kids and family, and do the normal household chores. It is now the end of the day, you are exhausted and while watching TV to unwind, and talking to your husband/wife, you multitask and decide to check your juicy passive income gains on your wonderland time balance, to put you in a good mood.
You type “wonderland time” into google and click on a google result that look legit. Would you really notice the difference, between the google results “https://www.wonderland.money” and “https://www.wondreland.money” in your tired and distracted state of mind? One of those links will take you to the Promised Land, the other will get your crypto jacked.
Above: A recent Binance scam example. Those two dots under the Binance URL mean that you’re not actually looking at or using the real Binance site. Instead, you’re looking at a totally different site made by scammers to look nearly identical to the Binance site. It has been magnified here considerably for clarity. Would you have spotted that in the small font of a normal web address?
2. Store your crypto on a hot, or even better, cold wallet
“Can’t be bothered getting a wallet. Waste of money, waste of time, pain in the bum to figure out the boring technical stuff of how to use one, everyone leaves the crypto on exchanges anyway.” I know the feeling. I used to be one of these guys for months.
Well, leaving all your hard earned crypto in an exchange can be risky. Exchanges are vulnerable to hacks from criminals and mismanagement by employees.
QuadrigaCX, once Canada’s largest crypto exchange, experienced the death of its owner. Sadly only he had access to the password keys to that exchange, resulting in the loss of 143 million USD of user funds.
Africacrypt, once one of Africa’s largest exchanges, lost 3.6 billion USD of bitcoin due to hacks, or suspected theft by the owners of the exchange. Mt Gox famously lost 860 000 bitcoins due to hacks. There are countless stories like this.
An average of 1.6 billion USD is stolen from exchanges each year. Then add to this the risk of sudden changes in the terms and conditions of trading on these platforms, leaving traders who do not act in time out of pocket. You leave your crypto on an exchange, and go on holiday trekking through the jungles of South America for 2 months. You come back, and the exchange no longer exists, or it exists but has ended operations in your country. You try and contact them, but they tell you there is nothing you can do. They sent you a warning about this months ago and you didn’t act in time. No fat loaves of tasty bread left. Hell, the whole bakery has gone.
To mitigate this risk, make a habit of only storing what you frequently trade on exchanges. Everything else should be stored in a cold wallet which you own. Cold wallets like Trezor and Ledger are much more secure than hot wallets. Hot wallets like Metamask and Trust Wallet are more secure than exchanges, for the most part.
Of course, common sense and risk tolerance play a role here. For example, if your portfolio value is generally is in the low-to-mid hundreds of dollars, then investing $250 on a cold wallet might not make a lot of sense. But as you bake up a storm over time, and your portfolio increases into the tens of thousands of dollars and beyond, a $250 cold wallet is almost an absolute must for security and is cheap as chips for the security it provides.
3. Enable wallet password requirements and where possible, 2FA authentication on any free online wallets that you use
Yes, it is an awkward pain to have to keep entering passwords every time you want to use metamask or trust wallet. However it is a small price to pay compared to opening up your wallet one day and experiencing that awful feeling in the pit of your stomach and back of your throat when you find it completely empty.
These shady hackers have the ability to remotely send Ethereum to your hot wallet, and then send everything in it to their wallet address. This is not uncommon. It has even happened to an experienced and a well-known crypto influencer a few weeks ago, a presenter on CryptoLogic which is a well-known crypto YouTube channel.
Do you leave your house door unlocked when you leave for work? No? Then do not leave your hot wallet unlocked either. Consider using the fingerprint password option for convenience.
4. Beware of unexpected, free token airdrops
You open your Trust wallet or Metamask one day and find tokens you have never seen before. “Happy days!” Must be good karma for the help you gave that person in a wheelchair pick at Coles last week” you think as you smile to your lucky self and click on the token to check it out. Once that is done, the sad process towards losing your bread has begun.
Do not touch, interact or even delete any unknown tokens that appear in your wallet. Leave them there until you have spoken to an expert or professional for advice.
5. Test transactions for any new process you use for the first time with a small amount before sending large amounts of cash or crypto
Whenever you are performing a transfer of cash or crypto for the first time to a new destination, send a very small amount of money or crypto as a test to ensure it works, before sending in a large amount.
Sending crypto to a new exchange for the first time? Send a small test amount.
Sending money to a new wallet for the first time? Send a small test amount.
Sending cash from your bank to an exchange for the first time? Send a small test amount.
It doesn’t matter how experienced you are in the market, if you never do this, one day you will make a mistake and you can kiss your beautiful fat stacks goodbye.
Bonus Tip: Take your time. I lost $5,000 instantly because I put my WIFI password in as my MEMO. Big mistake.
6. Do not participate in any give-aways
A man named Sebastian and his beautiful wife in Cologne, Germany invested 40k in Bitcoin in 2017. They bought 10 bitcoins. Sebastian and his wife excitedly watched it grow to 500k this year. The happy couple and made plans for early retirement, many family holidays, and the good life.
One night, earlier this year he was up alone watching TV as his wife and family had gone to bed. He went on Twitter after receiving a notification. “Elon Musk is giving away Bitcoin. Whatever Bitcoin you send, you will receive double back!”
Sebastian checked the twitter account handle. It has the blue verification logo next to the name. “Yep, must be real the real Elon Musk” he thought. He clicked on the links in the post. The websites looked professional. There was a countdown timer before the deal expired. “Must act fast!” he thought.
Without consulting his wife, he decided to send all the family’s 10 bitcoin to the address, while his wife and everyone was asleep. Imagine his horror when the countdown reached zero and nothing happened. This man, an experienced IT and Marketing professional, lost it all, the largest ever loss of Bitcoin in one transaction at the time. No holidays, no more early retirement, no more good life. And he had some BIG explaining to do to his wife.
Do not participate in any give aways as a rule – and if you decide to make an exception, please ensure you do your research and check with someone experienced that you trust in the space that you trust before executing the trade.
7. Secure your passwords
Gone are the early days of the internet when we only had to remember one or two passwords. If we had a dollar for every password that we have, we would probably all be driving Lambos right?
Password security is essential for long term success in this space. Good practices include never giving your private key/security phrase/recovery phrase to anyone online.
Do not take photos of your screen to store your passwords, as your computer camera could be compromised.
Do not store passwords online or in folders on your computer either as your computer could be compromised.
There is one exception to this rule, which is good practice. Use a good password manager, as this delivers both security and convenience. A password manager safely remembers your usernames and passwords for you, and it also provides all your online sites and services with very strong, unique passwords. Passwords you do not need to remember or write down. All you need to remember is a single password to unlock the password manager. We use 1Password.
8. Do not sign up and trade with any exchange that you have not researched properly
If you discover a new token that interests you, and it is on an exchange that you have never heard of before, or that you are unfamiliar with, research it properly and get a second opinion. Are they regulated? Where are they based? Have they been around for a long time?
Failure to address these and other important issues before making a decision to conduct transactions on them is potentially sending your crypto on a one way ticket to destination rekt.
9. Be very vigilant when using Telegram
One of the most successful scams on telegram is the fake group scam. Many projects have Telegram groups that are a great source of information. Unfortunately these great projects have a lot of scammers using very similar looking telegram groups pretending to be the authentic telegram group of the project. Their intent is to rob you.
It can be hard to tell which is which, especially at the beginning when you first discover the Telegram group of the project you are interested in, or when you are invited by a stranger to join a group that interests you. The scam group might contain very similar pinned messages, simulated conversations, and admin members with similar names to the original group.
Fortunately, this scam is also one of the easiest to avoid. Simply change your group invite settings to “My contacts” only — and you’ll essentially eliminate this problem.
Good practices also include never submitting sensitive information over telegram or off telegram privately to members, especially in the early stages of using the group. Check the number of members in the telegram chat before using it. If the numbers are very low, treat that as a red flag.
Telegram scammers can sometimes directly message you, posing as an admin or support staff from the group. They will pretend to be interested in a question you asked or problem you asked for help with. These scammers will offer some sort of help — which usually ends up with them asking for your private keys or seed phrase, or asking you to login into a platform or site designed to steal these details.
When you check their profile, they will likely be almost identical to a genuine admin in the group. However, they will either have a username that attempts to copy the original (e.g. KasiAN Franks instead of Kasian Franks )
Telegram scams are some of the most convincing scams in all of crypto. Always be very vigilant in these groups.
10. Do not fall for The Nigerian Prince scam
You’re probably laughing when reading this one. “I’ll never fall for that old chestnut!” you think. For those who don’t know, the “Nigerian Prince” scam, also known as the 419 scam as one in which a stranger requests help in facilitating the transfer of a sum of money. This is generally done by email.
The scam typically involves promising the victim a significant share of a large sum of money, in return for your identity details and a small up-front payment.
The wronged “Nigerian Prince” claims this will be used to obtain the huge inheritance of his dead father, who was the powerful and wealthy king or dictator of some African country. (The scammer usually says the small sum is needed to bribe someone like a bank official to release the funds.) You will then receive a huge cut of the large sum.
Seems easy to spot if the scam still used that format. Sadly for us the “Nigerian Prince” has upped his game with the times. The modern approach is much more flexible, subtle and harder to detect in the Bitcoin era.
For example, you could be playing the popular app game “Words with Friends” or some other game app on your phone with the same stranger for weeks. They strike up a conversation, and after a while and many conversations about your dogs, kids interests etc. a level of “trust” builds up.
Once you are “online friends” they tell you they work as a forex and crypto trader. They then offer you an amazing opportunity to trade bitcoin/crypto using their advanced algorithm and offer you an opportunity to profit from this by sending him or her your personal details and/or crypto.
Moral of the story? Do not give anyone that you have not vetted custody of your identity information or financial assets. No matter how nice, harmless and authentic they seem. Doesn’t matter if it’s on Tinder, Match.com, Words with Friends, or any other “harmless” medium or platform, the shady scammer is a master of disguise.
That’s it for today folks. Happy baking, go make that bread and stay safe out there!