How to Guard Against Scams in the Crypto Space!

/

Top Tips for Staying Safe in a Scam-Ridden Sector

Be Watchful.jpg

This is the first article in the beginning of my “Crypto 101” series, and it is the most important for all new investors. We are still in the early stages of cryptocurrency, and many call it the “Wild, Wild West”. There are myriads of ways you can lose your money in this space, and being scammed ranks at the top of the list.

Here are my tips to avoid the unnecessary pain and anguish that can result from being careless when investing in cryptocurrency. Take this to heart, and review these tips often to keep it on the forefront of your mind!

Never Assume You Can’t Be Had

No matter how much experience you have in this crypto market, don’t ever assume that you can’t be fooled. I’ve been in this space since 2017, and I have been hacked or scammed a total of 3 times. It happened in 2020. First, I was lured into a yield farming scam that advertised 20,000% APY on the reward token Katana. It ended in a rug pull. I was left with a huge pile of WORTHLESS Katana tokens. While in an extremely emotional state, a scammer fooled me…

I was sent a private message on Telegram from a fake admin from the Katana group asking me if I had “registered” my Katana tokens. I said no, and asked why. He then told me that I would not receive the enormous air drop if I did not have my tokens “registered”. I was still raging mad about the rug pull, and fell for this because I figured I would at least get more of the useless tokens that I could possibly sell at a later date.

He sent me a link to a website to “register” my tokens. There was a big banner on the top of the site stating that they would not be able to see or use my private keys to my Metamask wallet in order to “register” my tokens. I knew better. I quickly “registered”, and entered my secret phrase. In the blink of an eye, all of my Katana tokens were gone, in addition to $700 of other crypto tokens that I had in my Metamask wallet. I couldn’t believe that I fell for this.

The trick worked because the scammer caught me when I was in an emotional state. When you are in your emotions, you don’t have the ability to use rational thinking. I was still so angry, I wasn’t thinking rationally. So take this as a good example that someone with a strong background in computer science, technology, and engineering like myself is not immune to being had.

Watch Out for Spoof Apps

There are fake apps that pop up on the Google Play Store and even iOS on a daily basis. They can persist for days before getting caught. These spoofs are so well done, they can fool even the most experienced traders… including ME. Here is how I got fooled by a spoof app that ended up costing me 2 ETH at the time.

I was getting my bags packed to go on vacation to see my grand kids in Texas. We were late leaving, and I was rushing. I had just bought the latest FOMO project being pumped on a Telegram group. But as I rushed to pack and get out the door, I realized that I needed to have mobile access to the Uniswap DEX just in case I needed to sell my tokens while on the road.

I did a quick search on the Google Play Store and found that Uniswap had an app! I downloaded the app and installed it. I then thought about the fact that I would need to have access to my Metamask wallet which is on my computer in order to execute a trade if needed. Reading on the Uniswap app, I noticed it said that I could transfer my private key to load the wallet onto my phone.

In my absolute rush, I forgot that I was dealing with the Uniswap app, and not Metamask. I looked up my secret phrase on my computer, and entered it into the Uniswap app so that I could access my wallet. Nothing happened. So I entered it again. Still nothing. I tried 4 more times, and still saw no confirmation that it loaded the wallet.

I decided to give up on it, and left for Texas. Nothing happened with that project the entire weekend, so I had no use for the mobile app to quickly sell. I got back from Texas, and decided to check my Metamask wallet for my… uh oh!

That is when I realized that I was entering my private key into a Uniswap app trying to connect my Metamask wallets! My Metamask wallet was drained of all tokens totaling over $800. When I went back to the smartphone to check the Uniswap app, I noticed it was not on my screen. In the time that I was on vacation, it was removed from the Play Store. The app was a FAKE.

I did a quick internet search and found out that there was no such thing as a Uniswap app for Android. I had been spoofed! There was nothing I could do, because the thieves were long gone with my money, and there was no trace of the app. That was the last Uniswap disaster I would ever have, and have sworn off using the platform until I felt 100% sure that I would not be fooled into another crafty scam.

Just because you find an app that matches the logos of your popular exchange or DEX, that doesn’t mean it is official. You have to do some research to make sure that ANYTHING you are downloading to your phone is not a spoof or phishing scheme. Hopefully you can learn from me, rather than losing your own money, and play it safe when it comes to downloading apps on your smartphone.

Don’t Talk to Strangers Who “PM” You on Telegram

This is one of the oldest and most common practices for thieves on the internet. When you are participating in group discussions for various projects on the Telegram platform, thieves and con artists are able to observe what you are saying within these groups and get a good idea of whether or not you are a good “mark”.

The way they usually do this is to casually lure you into a conversation by sending a polite “hello” in a PM (private message). Anyone messaging you outside of a group is most likely a con artist. But some of them are more savvy. They will hold conversations with you within the group, and establish a good rapport with you before launching into their private pitch.

The biggest “marks” (that’s an old fashioned term for potential sucker… Google it) they target are male. The con artists will commonly upload a profile picture of a very alluring female in order to get your attention. But you’ll know it isn’t real, because most people don’t post attractive profile pictures. When they start speaking in broken English or have awful grammar skills, you should know that you’re probably chatting with a big disgusting hairy man. Doesn’t that make you feel good? Cut them off at the pass and block them immediately.

Another common method the con artists use is to post a profile picture using the official company brand of the project you are discussing, and they pose as an administrator. Newbies will often drop their guard, and trust everything the “administrator” asks of them, like sharing their screen or giving up the secret phrase of their web3 wallet. This is the method used in the story up above when I was involved in the Katana rug pull. Don’t fall for it!

The YouTube Spoof Trick

YouTube has a major rash of spoofing and con artist activity that the company has not gotten a handle of at this time. The cons will create identical thumbnail pics that match a YouTube creator, along with a slightly modified but nearly identical name. They will post on threads and offer help to unsuspecting marks, often giving a phone number or email to get in touch with who they think is the video creator.

This is happening so much right now that I wouldn’t believe anyone would fall for it. But there are MANY people who are still falling for this trick, and it often doesn’t end well financially. Keep in mind that NO CREATOR will offer a phone number or email address for you to contact them about investing in ANYTHING. When you see these posts, just report them through the platform and they will be removed.

Be Very Wary of Links

The last method I’ll mention in this article is the use of attack links. If someone sends you a private message that has a clickable link, you could end up being hacked. Some of these links can install malware, or take control of your computer display where the thieves can hunt for your private information in order to break into your web3 wallets, or to gain access to exchanges that you are currently logged in on.

Any responsible individual would never send a clickable link to someone they don’t know. If you have no track record with the person you are speaking to, the best thing you can do is to block them if they send you a link through a PM. There is also a risk to be considered when clicking links within groups. Many Telegram groups have open admission, so scammers are able to drop links into these groups that can sit active for a time before they are discovered and removed. The same applies to links posted within the comments section on YouTube.

Conclusion

There are so many creative scams in the crypto space that I could write ten more pages covering them all. These are the most common that I have seen in recent times, but you should always be wary of new scams that hit the scene on a daily basis. Crooks never sleep, and they never stop when it comes to cooking up new ways of stealing people’s money. Remember that when a person gets scammed and their web3 wallet or exchange balance gets drained, there is absolutely no recourse. Once your money is gone, it’s gone for good. So it is best to be cautious and absolutely vigilant while wading into the shark-infested waters of the cryptocurrency space!

Be careful out there.

Carlton Flowers
The Watchful CryptoPro