Stay Safe Out There
I want you to imagine the most high-security bank in the world. Picture the vault. Think about its meter-thick walls reinforced with some of the strongest materials known to man. Think about the super complicated opening procedure that utilizes an assortment of number combinations, biometric verification, and physical keys to get inside. Think about all of that money locked inside.
Sounds pretty impossible to break into right?
You’d be right…unless of course the security detail in charge of protecting that vault decided to… just leave it unlocked.
You’d be kicking yourself pretty hard if you somehow managed to allow someone to come in and steal your assets from one of the most highly-secure places in the world. Especially from such a silly oversight.
Unfortunately, that’s the reality of crypto these days.
Cryptocurrencies operate as one of the most secure assets in the world. It is effectively impossible for someone to break into your “vault” (a.k.a. your wallet) when the vault in question is properly locked. However, there are a lot of smart scam artists out there all with the intention of tricking you into “leaving your vault unlocked”.
So don’t be the person who regrets not locking up their assets. Let’s take a moment and refresh ourselves on some of the latest tricks that scam artists will try to play on us. If you see them coming, you’re much less likely to fall for them…
Phishing Attack
Crypto can be a confusing and complicated place for newcomers and veterans alike. This inevitably leads people to ask for help. This is when the “fishermen” cast out their lines. These scammers will often present themselves as a trusted party and offer support. In reality, they are imposters baiting you into revealing sensitive information.
Don’t take the bait.
They might ask you to share details or send you to a malicious website that can drain your wallet of funds if you connect. Attacks can come from anywhere. Even trusted sites could be compromised.
Just like a lure dupes a fish into taking a big ‘ol bite of a metal hook, phishing attacks trick you when you least expect it. It’s all about deception. Some of the common methods used are:
Fake helpdesk support
Modified Brand URLs
Fake Captcha Bots
3rd Party overlays
Google Ads
A.k.a. all of the places that feel safe on the internet. So stay vigilant. However, there are ways to stay safe in these treacherous waters. Here are some tips:
Bookmark URLs to the sites you visit often
Do not trust captcha bots
Never click links sent directly to you.
Always check URLs you are connecting with
Stop using Google Search. Find sites through official communication channels (Twitter, Discord, etc.)
If prompted to connect your wallet, double check and ask why
Fake Airdrop
Imagine if Santa unexpectedly turned evil this year. We happily let him into our homes just for us to open a present and find a lump of coal… and open our wallet to find he’s stolen everything we’ve got. This is what its like to get a fake airdrop.
It’s the same playbook as those old internet pop-up adds saying you won a new iPhone…all you have to do is give us your credit card information so we can “confirm it”.
What feels like an unmissable opportunity turns out to just be a scam. The way it works in crypto is that a bad actor will directly send a token to your wallet. When you find this mysterious airdrop token, you might approve it to trade on an AMM so you can “cash out”. In reality, this approval will actually just compromise your wallet, and Dirty Santa will make out with your funds like a bandit.
So how do you stay safe? Simple. Don’t do anything. As long as you don’t interact with the token, your wallet will be safe.
Fake airdrops prey on FOMO. If it seems too good to be true, it probably is. Do your due diligence on a token if you think it is legitimate. It’s up to you to keep your wallet safe.
Honeypot
This is the classic one-way trap that’s been fooling bugs for decades. You leave something sweet in a bottle. The flies will go inside to get their delicious meal only to realize they can’t get back out. They’re stuck.
A honeypot scam does the same thing but with your money. A new token will launch and buyers will enter the trap. When buyers buy, they pump the price. This attracts new investors and the price goes higher. However, the smart contract for the token will prevent anyone from selling their new tokens. So your funds are stuck inside where the bad actors will come in and simply funnel away all of the money.
How can you steer clear of these traps? Do some research before impulsively buying a new token. Can you see sell transactions on a DEX screener? What are socials saying? Is there a Telegram/Discord? Has the protocol been audited?
Just a few quick checks can help keep you and your funds safe.
Rug Pull
This scam is one of the most well known in crypto with “getting rugged” becoming as common a phrase as “gm” it seems. Its synonymous with any token that sees a sharp drop in price, whether organically driven or malicious.
The rug pull is a product of the permissionless nature of web3 protocols. However this decentralization comes at the cost of having fewer safety rails. On a DEX, any user has the power to list a token by simply adding liquidity. So how can a bad actor use this ability to scam users?
Essentially, a rug puller can list a token and use marketing/hype to pump the price of the token. Once that liquidity builds up, they can use a “back door exploit” to withdraw all of the liquidity and exit out the proverbial back door with all of the funds that users invested.
Most of this time this occurs very swiftly, before you have a chance to save any part of your investment. Occasionally this can play out over a longer period of time. The classic “Steady lads. Deploying rug.” approach.
Once again, your best defence against rug pulls is research. Here are some things you might want to ask before you invest in a new project.
Has the protocol been audited?
Research the Founding Team
Is the Token price behaving erratically?
Check existing Liquidity - higher the better
Always try and confer with friends
Derivative names are sus, eg DogeLamboMoonCoin
Those are just a few…
Crypto is still in its “wild west” phase right now. This can make it quite fun but also quite dangerous. From scam artists to hackers, there are a lot of things to watch out for while we explore the frontier of DeFi. The best way to stay safe is to stay knowledgeable. So let’s make sure we educate our frens. If we all work together to spot and stop these scams, we can help make the blockchain a safer place for us all.
About Trader Joe
Trader Joe is a one-stop-shop decentralized trading platform native to the Avalanche blockchain. Trader Joe builds on the frontier of Decentralized Finance, providing users with an innovative and unique trading experience that is seamless, accessible and empowering.