Guarding Your Crypto: Unmasking Scams in Your Favorite Project's Socials

7SRU...NJoi
31 Oct 2023
68

Everyone knows that you shouldn't sign messages and transactions on every website there is, and everyone knows that you should be careful, especially with unknown or new projects.
But this awareness is quickly lost when something is being posted on someone's favorite project's socials.

A Discord moderator posted this; it must be legit, right?


This is possibly the most dangerous thought someone can have. Whether it's Discord, Twitter, or any other social page, do not lose your awareness. Accounts can always be hacked. There were cases where moderators got hacked and made announcements on official Discord servers, promoting giveaways, airdrops, or special events. Many people would trust these, as they were official after all, and lose funds.

How to protect yourself from such scams:


Check multiple sources:

In many cases, it's really easy. Always check multiple socials. If something is posted in the Discord server that might be fishy or not, check that same community's Twitter and so on.

Always check the links:

With such scams, the scammers mostly use links containing the project's name but still being different from the official website. This is the first and biggest indicator that it's a scam. If a project has a website, it is very unlikely they would use another domain for any event whatsoever.

example of similar domain names


A second good measure is also to do a ΒΉwhois request for the domain. See how old the domain is and compare the Β²registrar with the "new" domain and the project's normal website. If they were to register a second domain, it probably would be with the same registrar. Also, scam websites are mostly registered in a small amount, if not even on the same day, as the scam goes live. This is also a big indicator. But this counts for every website. If it is 3 days old, don't trust it.

example of whois request (request made on who.is)


Check the transaction:

If you can, use wallets that simulate the transaction and show you, what assets you pay/lose and what you get. Or you just understand what all the messages do, that's also an option. Also check the wallets connected to the transaction:
Is/are the wallet/s normally used by the project? What transactions are connected to this wallet?

example of message simulation (By Phantom) - src


I detected it's a scam, what should I do?


If you want to help your community, try to make it clear to everyone that something's not right. Sometimes you, as the user, are just faster than community moderators or admins in such cases, especially if no one is currently available. Report the scam website, draw attention to the matter, and do your best to help others avoid these links.

Sites for doing whois requests:
who.is
whois.com


I hope that you could take away some newfound knowledge from this article.

If you think I got something wrong, that there are some tipps missing that you want to share please let me know down in the comments.


Have you experienced such scams in a community you're in?

Get fast shipping, movies & more with Amazon Prime

Start free trial

Enjoy this blog? Subscribe to Lux

6 Comments