TS6 | Five Rules To Avoid Getting Scammed
The NFT world is new and interesting and there are new things cropping up every day. It’s like the Wild West during the Gold Rush. But like the Wild West, it’s also full of scamsters and people trying to con you for a quick thousand dollars or two. But fear not – there are five simple rules you can follow to safeguard yourself. Today we discuss how
Table of Contents
Discussion Topics: Five Rules to Avoid Getting Scammed
- Protect your recovery phrase even when you have $0
- Don’t click links other than those on official profile
- Don’t interact with strangers on Discord or Twitter
- Use official platforms even if they are more expensive
- When in doubt, ask the community or trusted individuals
Transcript: Five Rules to Avoid Getting Scammed
Hello, everybody, once again, thank you for tuning in to today’s episode of The Token Singaporean, my name is Vnstr. And I think today’s episode is very interesting to me, it is also one episode that I feel might be one of the most important episodes that everyone should listen to. Because this is about security issues, and possible scams in this space. Personally, when I first started out in this space, I went through it by experimenting with a lot of things on my own.
So I did not really have a community or any resources, which I knew that I could just immediately go to, to read all about the possible traps, or whatever that might be within the space. So as a result, due to the lack of such information, I remember, on the third day of my time in this space, I got scammed twice in a row. And I think I lost a couple of 1000s of dollars, just because of the lack of knowledge, lack of experience, and hence the lack of ability to identify real legitimate listings from fake listings. And, just getting into fixed scam sites and minting from the wrong websites, etc.
So personally, I feel like this episode is one of the most important because having someone who’s been in this space, is sort of just a highlight to you some of the possible traps that you might encounter. Mind you these are very, very common, It’s not like you only go through it, if you’re unlucky, I would say that every single one of us in this space would have in one way or another encountered at least one or two of these kinds of situations.
So overall, I think if you’re able to know about this before you step into this space, you just don’t have to learn things the hard way, right, you don’t have to learn to get scammed yourself. And it’d be so much better for everyone. So to make things simple, I’ve sort of sorted things out and broken things down into five simple rules that you can follow to protect yourself, and thus the name of this episode.
So especially at the beginning, when you first start out in this space, just make sure that you keep these five rules in mind. And I think you should be pretty safe. So to make things easy, I’ve more or less summarised everything and condensed it into five main rules that you should abide by, in order to more or less keep yourself safe as you start out in this space. So without further ado, let’s look at rule number one.
So rule number one is a rule that I’ve probably mentioned before in previous episodes, but I think it is literally the most important rule of all, and it starts right at the beginning that is never ever tell anyone your 24-word recovery phrase. So just a recap, if you forgot what a recovery phrase is, it’s basically a list consisting of 24 random words, which is literally the key to accessing your wallet from anywhere.
So these phrases have to be sort of key in order to recover your wallet if you lose your password, or if you log into a new computer, and so on and so forth. So right from the beginning, I think the best thing to do is if you can just try to set up your wallet on your own, instead of getting someone else to help you especially if that person is a stranger.
So a possible scenario could be that, you heard about NFTs from a friend of a friend or just someone you’re not very familiar with, and you’re interested in setting things up and that person perhaps offers to sort of just guide you through the entire process. That’s fine, and I think it’s very nice of that person.
But I think what is most important is to ensure that while you’re creating the wallet, and when the secret recovery phrase is being generated, the only people who get to see the recovery phrase are actually the only person is you. And that the phrase is being generated on your computer or your mobile phone, etc. So you have full access to it, no one else has any chance to access your 24-word recovery phrase.
Another scenario could be that I foresee that in the future, we have a lot more events. And perhaps in order to encourage people to join a certain wallet, or maybe just the community in general, there could be booths to offer help to newbies who want to sort of set up a new wallet, right on the spot, maybe they will give you like, an airdrop, if you do set it up with them, so on and so forth.
And I think this is great, but you need to make sure that you are the one who has access to it because just imagine, it could be a possibility that if you set things up on their computer, or someone you don’t know a stranger, like a helper, or a promoter, get access to your 24-word recovery phrase, they could secretly steal your private keys somehow and you don’t know about it.
So right from the onset, when your wallet has $0 inside, your private keys have already been leaked to someone else, and you don’t even know. So this is quite an elaborate scam. But, for the scammers, it would make perfect sense because imagine, like, two to three years down the road, everyone, perhaps maybe 50% of the people who set their wallets up during that time, might have accumulated some form of wealth in their wallet.
And one fine day, they just decided that maybe today was a good day for me to take out all these recovery phrases, key them in one by one, and drain all of these wallets. So, then if it happens to you, you will suddenly wake up, and see your wallet drained. And you wouldn’t even know what happened. Simply because the mistake was made so early on and it’s just hard to track.
So I guess this is why it’s extremely important, right from the beginning of this first step, not to do it wrong. Do not screw it up. Just make sure that you keep your recovery phrase to yourself, Once again, do not store it in the cloud, because if your computer gets hacked, then obviously they have access to your recovery phrase as well.
And I mean, there are hackers, if they look at, a folder with 24 words written in a certain order, I think they can more or less tell what it is, right? So some things are best kept in school. So I would suggest just writing down your secret recovery phrase on a couple of pieces of paper and storing them in a few places that are safe, maybe in your house in a safe, here and there. And anytime you need to if you lose one, you got another.
But just don’t store it in the cloud or anywhere that, might be susceptible to hacking. So this secret recovery phrase scam is actually more common than you think. And it’s very easy. So you actually might encounter a lot of scammers who would sort of chat you up. And if they sort of get a sense that you’re a newbie, you don’t know much, then here’s when they might slowly say, Oh, I can help you check this thing or that thing, just give me your secret recovery phrase, and then key them down.
In fact, they might say you don’t need to give me your actual password just give me the recovery phrase, if you don’t know what the recovery phrase is about you might think that oh, okay, this person is legit. He’s not asking for my password, he’s just asking for these phrases. And if you give it to them, that’s it.
So one very important thing I think to prevent yourself from getting into this situation is also when you’re talking on Twitter or Discord, just make sure that you don’t respond to any DMs, especially from people you don’t know. For this, I believe that you can turn off your DMs so that you don’t allow any strangers who are not your friends to DM you that will be the safest method. And for Twitter, you can’t really filter that out. But just make sure that you are very wary of who you’re talking to.
Because I think 70-80% of the time, if a stranger talks to you out of nowhere, and it’s not someone that you have interacted with before just take it as a scam, it’s better to be safe than sorry.
Rule number two is a kind of link to rule number one, so basically do not click on any links related to the project anywhere else, and only use official links posted in each project, Discord, or Twitter profile.
So this is rule number two because I’m pretty damn sure that in one way or another, we will encounter scammers who will offer us a link to mint from somewhere or to buy a certain thing or even just connect your wallet from this certain link, which are not through legitimate sites and end up scamming us.
So for example, it could be that, if a very high project is about to launch, maybe a couple of days before launch, or even hours before launch, during the launch of the project, meet with some kind of delays, or whatever, and everybody’s waiting during that period, these are the high times for scammers to come in, and then start DMing people to say, Oh, the website is up.
So you can now mint from this backup website. Or, for example, there is a stealth launch, like we are giving the first 100 people free mints or whatever. And it’s a first come first serve. So just click on this link to mint. So what happens, in reality, is that these scammers would create a site that looks almost 100% similar, if not the same as the original Mint site.
But if you mint from that website, the money doesn’t go to the project, it basically connects to the scammer’s wallet, so you will not get NFT in return. And the money that you have authorised will just go into another wallet, which you will never be able to track and you will not be able to get it back. So if you’re not careful with clicking on links, it is very, very likely that you might fall into this trap. Because if you look at a website alone, it is almost impossible for you to identify which is a real or a fake site.
Of course, I think some people might still be able to identify whether the website is a scam or not if you look at the wallet authorization, who it’s being sent to, etc., but I think as a beginner, it will be too difficult for you to understand all this. And if you just look at a website alone, it is basically impossible to identify the difference.
So I think the safest way to do it is to just make sure you always only choose links, and click on links that are from the official pages and the right places within the official pages. So what do I mean by that? So for example, if you’re looking for mint sites, they will usually be posted in the announcement at the stipulated time. It is very, very rare for projects to do a stealth launch, especially if they’re already going to do a proper launch. So usually, they don’t really do that.
And I think 99% of the time, whether it’s moderators or founders, or whoever, they will not DM you. So if they claim to be a mod, or whatever they DM you to tell you, Oh, this is a correct link, you can link it from this site, Do not believe those words, it could be just a scammer posing as a moderator and just want to scam your money. And if you’re looking for OpenSea links, usually, OpenSea links can always be found on the official link page of Discord.
So for every Discord, there’ll be an official links channel. And over there, you can find out all the links that will get you to the different resources you need with regard to the project. Those are legit, and that is the only place you should be clicking your links from. This part is also very important because on OpenSea, there are many scam pages, which look very similar to the actual NFT project, as usual. So there are a couple more ways you can check.
For example, you can check for a blue tick to make sure that it’s a verified collection, you can also check the total collection number to cross-check whether it is indeed the right number in accordance with the project. But I mean, the safest way is still to just make sure you just click through official links, in the official links channel.
So this brings me to the third rule, which is a little bit repetitive and probably already mentioned in rules one and two, but I think it’s still important enough for me to list it as a rule on its own. And that is, please do not interact with anyone on DM on both Twitter and Discord if you’re not sure of who they are. So like what I mentioned just now, if you’re not able to close your DMs, it is very common for scammers to pretend to be moderators or community founders.
And they might DM you to check you up to ask you for info and send you links, malicious links that might not just connect your wallet, they might even hack your entire computer. Or sometimes they may tell you, you’ve won a lucky draw and you can click on this link to claim a certain price, etc. and, basically always ends up with asking you to click on something or asking you to give them some kind of information.
So as I’ve mentioned before 99% of the time, moderators and founders will not DM you unless they specifically announced that they will do so. So if they do not announce anything anybody will talk to you just do not talk to them. In fact, just report them if you don’t know them. And the best thing to do, of course on Discord is to turn off your DM from strangers.
And whether it’s Twitter, whether it’s Discord actually anywhere, in general, in any other sites that you enter, if you see a link from a person that you don’t know, do not click on them, because you can’t be sure if they are legit, or they might have malicious like virus or whatever that can cause a lot of trouble.
And next is rule number four. And basically, rule number four is just to make sure that you’re always purchasing from official sources. And make sure you check everything before you sign off in your wallet. So sometimes people may offer under-table deals for cheaper, maybe through like, group chats or whatever.
And yeah, they may say, let’s just do this deal privately, I can send you the money, and then you send me the NFT, okay, in order to maybe avoid platform fees, etc. This may sound like a better deal, but it can also potentially be a scam. So because one of you has to do one thing first. So maybe if you’re the one sending the NFT, to sell your NFT, you may send the NFT, and the person won’t send you the money, or vice versa.
So unless that person, best if that person is in real life, it’s better to just purchase from official platforms to be safe. And secondly, whenever you are confirming and signing a purchase, just make sure that you check the transaction details. And at the very least check that you’re paying the right price that you wanted to pay, because like for example, OpenSea is often very laggy when it comes to updating prices. So there was actually a period of time when a lot of scammers made use of this loophole to just cheat people into paying more than they should.
So for example, maybe a project is very hype right now. And the flow in NFTs is getting picked up really fast. And you want to pick up one, and then you look at the price is 0.3, for example. So some scammers, what they will do is that they will list the NFT for 0.3 and then almost immediately change it to something higher, maybe three.
And the thing about it is because of the lag, the actual price may not be reflected on the website, it will only be reflected in your wallet before you authorise the purchase. So you take things for granted and perhaps you have FOMO, and you just want to hurry, click and authorise so that you can get the NFT. If you don’t read through the authorization before you actually authorise the transaction, you may find this kind of scam and end up paying more than you expected.
So I think the rule is that we all want to be fast, and we all FOMO sometimes, but most importantly, before you authorise any transaction, always check, and at least make sure that you’re signing off the right amount that you are willing to pay before you do anything.
And the last rule of all to me, it’s the most logical yet it’s often the most difficult to do that is when in doubt just ask, ask anybody, you can ask your community, you can ask to authorise project founders, you can ask, just don’t keep to yourself and just go with the oh, I’ll just try mentality. If you ever feel unsure, just ask anyone within the NFT community, most people are there to help, and communities are built for a reason.
So that’s why I say it’s also important for you to assimilate yourself into a community that you can trust and you can write with because these are the people who will prevent you from going the wrong direction and making wrong turns which you don’t even have to go to in the first place. Don’t be shy. Don’t be afraid. Just ask if you’re in doubt, it will save you a ton of trouble. It will save you a ton of money.
And yes, with that, we’ve come to the end of this episode, it is a little bit long because scammers are plenty out there. But just make sure that you’re very careful to follow these rules. But at the same time, this is not to say that these rules will ensure that you’re 100% safe.
The reason is that as projects are innovating, scammers are also constantly innovating. So sometimes, every couple of weeks, you might hear one or two stories about people who got scammed through new methods. And sometimes they’re not just scamming newbies, they could be scamming OGs as well and because their methods are so sophisticated, even OGs fall for it.
So I think at the end of the day, it’s too important just to make sure that you stay connected with the community so that you can get good updates, latest updates about anything that’s happening within this space. So, if there is any new news or potential scams that come up, you are well informed, and then you can prevent that from happening to yourself by learning from other people’s stories.
And yes, those are basically my closing thoughts. And once again, thank you so much for listening to me. I really hope that you’ve learned a thing or two. If you want to connect with me, you can find me on Twitter at VNSTR_eth. You can also write to us if you have any suggestions, you have comments or feedback, and we’ll be very happy to attend to them. And lastly, if you feel that you’ve benefited from this podcast, please help me by writing a review because it will really go a long way. So I hope that you’ve enjoyed this episode. Stay safe out there, trade safe. Okay, and I will see you again in our next episode.