TS6 - FIVE RULES TO AVOID GETTING SCAMMED

The NFT world is new and interesting and there are new things cropping up every day. It’s like the Wild West during the Gold Rush. But like the wild west, it’s also full of scamsters and people trying to con you for a quick thousand dollars or two. But fear not – there are five simple rules you can follow to safeguard yourself. Today we discuss how..

DISCUSSION POINTS

  • Protect your recovery phrase even when you have $0
  • Don’t click links other than those on official profile
  • Don’t interact with strangers on Discord or Twitter
  • Use official platforms even if they are more expensive
  • When in doubt, ask the community or trusted individuals

TRANSCRIPT

Hello, everybody, once again, thank you for tuning in to today’s episode of The Token Singaporean, my name is Vnstr. And I think today’s episode is very interesting to me, it is also one episode that I feel like might be one of the most important episodes that everyone should listen to. Because this is about security issues, and possible scams in this space. Personally, when I first started out in this space, because I went through it by experimenting a lot of things on my own. So I did not really have a community or had any resources, which I knew that I could just immediately go to, to read all about the possible traps, or whatever that might be within the space. So as a result, due to the lack of such information I remember, during the third day of my time in this space, I got scammed twice in a row. And I think I lost a couple of 1000s of dollars, just because of the lack of knowledge, lack of experience, and hence the lack of ability to identify real legitimate listings from fake listings. And you know, just getting into fixed scam sites and minting from wrong websites, etc.

So personally, I feel like this episode is one of the most important because having someone who’s been in this space, you know, sort of just a highlight to you some of the possible traps that you might encounter. And mind you these are very, very common, it’s not like you only go through it, if you’re unlucky, I would say that every single one of us in this space would have in one way or another encountered at least at least one or two of these kinds of situations. So overall, I think if you’re able to know about this before you step into this space, you know, you just don’t have to learn things the hard way, right, you don’t have to learn to get scammed yourself. And it’d be so much better for everyone. So to make things simple, I’ve sort of sorted things out and broken things down into five simple rules that you can follow to protect yourself, and thus the name of this episode. So especially at the beginning, when you first start out in this space, just make sure that you keep these five rules in mind. And I think you should be pretty safe. So to make things easy, I’ve more or less summarised everything and condensed it into five main rules that you should abide by, in order to more or less keep yourself safe as you start out in this space.

So without further ado, let’s look at rule number one. So rule number one is a rule that I’ve probably mentioned before in previous episodes, but I think it is literally the most important rule of all, and it starts right at the beginning that is never ever tell anyone your 24 word recovery phrase. So just a recap, if you forgot what a recovery phrase is, it’s basically a list consisting of 24 random words, which is literally the key to access your wallet from anywhere. So these phrases have to be sort of keyed in order to recover your wallet if you lose your password, or if you log into a new computer, so on and so forth. So right from the beginning, I think the best thing to do is if you can just try to set up your wallet on your own, instead of getting someone else to help you especially if that person is a stranger.

So a possible scenario could be that, you know, you heard about NFTs from a friend of a friend or just someone you’re not very familiar with, and you’re interested to set things up and that person perhaps offer to sort of just guide you through the entire process. That’s fine, and I think it’s very nice of that person. But I think what is most important is to ensure that while you’re creating the wallet, and when the secret recovery phrase is being generated, the only people who get to see the recovery phrase is actually the only person is you. And that the phrase is being generated in your computer or your mobile phone, etc. So you have full access to it, no one else has any chance to access your 24 word recovery phrase. Another scenario could be that I do foresee that in the future, we have a lot more events. And perhaps in order to encourage people to join a certain wallet, or maybe just the community in general, there could be booths to offer help to newbies who want to sort of set up a new wallet, right on the spot, maybe they will give you like, an airdrop, if you do set it up with them, so on and so forth. And I think this is great, but you need to make sure that you are the one who has access to it, because just imagine, it could be a possibility that if you set things up in their computer, or someone you don’t know a stranger, like a helper, or a promoter, get access to your 24 word recovery phrase, they could secretly stole your private keys somehow and you don’t know about it. So right from the onset, when your wallet has $0 inside, your private keys have already been leaked out to someone else, and you don’t even know. So this is quite an elaborate scam. But you know, for the scammers, it would make perfect sense because imagine, like, two to three years down the road, everyone, perhaps maybe 50% of the people who set their wallets up during that time, might have accumulated some form of wealth in their wallet. And one fine day, they just decided that, okay, maybe today is a good day for me to take out all these recovery phrases, key them in one by one, and drain all of these wallets. So during, then if it happens to you, you will just suddenly wake up, see your wallet drained. And you wouldn’t even know what happened. Simply because the mistake was made so earlier on and it’s just hard to track.

So I guess this is why it’s extremely important, right from beginning this first step, do not do it wrong. Do not screw it up. Just make sure that you keep your recovery phrase to yourself, once again, do not store your recovery phrase in the cloud, because that is if your computer gets hacked, then obviously they have access to your recovery phrase as well. And I mean, there are hackers, if they look at, you know, a folder with 24 words written in a certain order, I think they can more or less tell what it is, right. So some things are best kept in school. So I would suggest just writing down your secret recovery phrase in a couple of pieces of paper and storing them in a few places that are safe, maybe in your house in a safe, here and there. And anytime you need to if you lose one, you got another. But just don’t store it in the cloud or anywhere that, you know, might be susceptible to hacking. So this secret recovery phrase scam is actually more common than you think. And it’s very easy. So you actually might encounter a lot of scammers who would sort of chat you up. And if they sort of get a sense that you’re a newbie, you don’t know much, then here’s when they might slowly say that, Oh, I can help you check this thing or that thing you know, just give me your secret recovery phrase, and then key them down. In fact, they might say you don’t need to give me your actual password just give me the recovery phrase, you know, if you don’t know what the recovery phrase is about you might think that oh, okay, this person is legit. He’s not asking for my password, he’s just asking for these phrases. And if you give it to them, you know, that’s it.

So one very important thing I think to prevent yourself from getting into this situation is also when you’re talking on Twitter, on Discord, just make sure that you don’t respond to any DMs, especially from people you don’t know. For this, I believe that you can turn off your DMs, so that you don’t allow any strangers who are not your friends to DM you that will be the safest method. And for Twitter, you can’t really filter that out. But just make sure that you are very wary of who you’re talking to. Because I think like 70-80% of the time, if a stranger talks to you out of nowhere, and it’s not someone that you have interacted with before just take it as a scam, it’s better to be safe than sorry. So rule number two kind of links to rule number one, so basically do not click on any links related to the project anywhere else, and only use official links posted in each projects, Discord, or Twitter profile. So this is rule number two because I’m pretty damn sure that in one way or another, we will encounter scammers who will offer us a link to mint from somewhere or to buy a certain thing or even just connect your wallet from this certain link, which are not through legitimate sites and end up scamming us.

So for example, it could be that, if a very high project is about to launch, maybe a couple of days before launch, or even hours before launch, sometimes if, during the launch of the project, meet with some kind of delays, or whatever, and everybody’s waiting during those period, these are the high times for scammers to come in, and then start DMing people to say, Oh, the website is up. So you can now mint from this backup website. Or like, for example, there is a stealth launch, like we are giving the first 100 people free mints or whatever. And it’s a first come first serve. So just click on this link to mint. So what happens in reality is that these scammers would create a site that looks almost 100% similar, if not the same as the original mint site. But if you mint from that website, the money doesn’t go to the project, it basically connects to the scammers wallet, so you will not get NFT in return. And the money that you have authorised will just go into another wallet, which you will never be able to track and you will not be able to get it back. So if you’re not careful with clicking on links, it is very, very likely that you might fall into this trap. Because if you look at a website alone, it is almost impossible for you to identify, which is a real site, which is a fake site.

Of course, I think some people might still be able to identify whether the website is a scam or not, okay, if you look at the wallet authorization, who it’s being sent to etc., but I think as a beginner, it will be too difficult for you to understand all this. And if you just look at a website alone, it is basically impossible to identify the difference. So I think the safest way to do it is to just make sure you always only choose links, click on links that are from the official pages, and the right places within the official pages. So what do I mean by that? So for example, if you’re looking for mint sites, they will usually be posted in announcement at the stipulated timing. It is very, very rare for projects to do a stealth launch, especially if they’re already going to do a proper launch. So usually, they don’t really do that. And I think 99% of the time, so whether it’s moderators or founders, or whoever, they will not DM you. So if they claim to be a mod, or whatever they DM you to tell you, Oh, this is a correct link, you can link it from this site, do not believe those words, it could be just a scammer posing as a moderator and just want to scam your money. And if you’re looking for OpenSea links, usually, OpenSea links can always be found in the official link page of the Discord. So for every Discord, there’ll be an official links channel. And over there, you can find out all the links that will get you to the different resources you need with regards to the project. Those are legit, and that is the only place you should be clicking your links from. This part is also very important because on OpenSea, there are many scam pages, which look very similar to the actual NFT project, you know, as usual. So there are a couple more ways you can check. For example, you can check for a blue tick to make sure that you know, it’s a verified collection, you can also check the total collection number to cross check whether it is indeed the right number in accordance with the project. But I mean, the safest way is still to just make sure you just click through official links, in the official links channel.

So this brings me to the third rule, which is, I think a little bit repetitive, is probably already mentioned in rule one and two, but I think it’s still important enough for me to list it as a rule on its own. And that is, please do not interact with anyone on DM on both Twitter or Discord if you’re not sure of who they are. So like what I mentioned just now, if you’re not able to close your DMs, it is very common for scammers to pretend to be moderators or community founders. And they might DM you to check you up to ask you for info and send you links, malicious links that might not just connect your wallet, they might even hack your entire computer. Or sometimes they may tell you, you’ve won a lucky draw and you can click on this link to claim a certain price, etc. and, you know, basically always ends up with asking you to click on something or asking you to give them some kind of information. So like I’ve mentioned before 99% of the time, moderators and founders will not DM you unless they specifically announced that they will do so. So if they did not announce anything anybody will talk to you just do not talk to them. In fact, just report them if you don’t know them. And the best thing to do, of course on Discord is to turn off your DM from strangers. And whether it’s Twitter, whether it’s Discord actually anywhere, in general, in any other sites that you enter, if you see a link from a person that you don’t know, do not click on them, because you can’t be sure if they are legit, or they might have malicious like virus or whatever that can cause a lot of trouble.

And next is rule number four. And basically, rule number four is just make sure that you’re always purchasing from official sources. And make sure you check everything before you sign off in your wallet. So sometimes people may offer under table deals for cheaper, maybe through like, you know, group chats or whatever. And yeah, they may say, let’s just do this deal privately, I can send you the money, and then you send me the NFT, okay, in order to maybe avoid platform fees, etc. And this may sound like a better deal, but it can also potentially be a scam. So because one of you have to do one thing first. So maybe if you’re the one sending the NFT, to sell your NFT, you may send the NFT, and the person won’t send you the money, or vice versa. So unless you know that person, okay, best if you know that person in real life, it’s better to just purchase from official platforms to be safe. And secondly, whenever you are confirming and signing of a purchase, just make sure that you check the transaction details. And at the very least check that you’re paying the right price that you wanted to pay, because like for example, OpenSea is often very laggy when it comes to updating prices. So there was actually a period of time when a lot of scammers made use of this loophole to just cheat people into paying more than they should.

So for example, maybe a project is very hype right now. And the flow in NFTs is getting picked up really fast. And you want to pick up one, and then you look at the price is 0.3, for example. So some scammers, what they will do is that they will list the NFT for 0.3 and then almost immediately change it to something higher, maybe three. And the thing about it is because of the lag, the actual price may not be reflected in the website, it will only be reflected in your wallet before you authorise the purchase. So you take things for granted and perhaps you have FOMO, and you just want to hurry, click and authorise so that you can get the NFT. You don’t read through the authorization before you actually authorise the transaction, you may find this kind of scam and end up paying more than you expected. So I think the rule is that, you know, we all want to be fast, we all FOMO sometimes, but most importantly, before you authorise any transaction, always check, and at least make sure that you’re signing off the right amount that you are willing to pay before you do anything.

And the last rule of all to me, you know, it’s the most logical yet it’s often the most difficult to do that is when in doubt just ask, ask anybody that you know, you can ask your community, you can ask authorise project founders, you can ask, just don’t keep to yourself and just go with the oh, I’ll just try mentality. If you ever feel unsure, just ask anyone within the NFT community, and you know, most people are there to help, and communities are built for a reason. So that’s why I say it’s also important for you to assimilate yourself into a community that you can trust and you can write with, because these are the people who will prevent you from going the wrong direction and making wrong turns which you don’t even have to go to in the first place. Don’t be shy. Don’t be afraid. Just ask if you’re in doubt, it will save you a ton of trouble. It will save earning money for investment.



And yes, with that we’ve come to the end of this episode, it is a little bit long, because scammers are plenty out there. But just make sure that you’re very careful to follow these rules. But at the same time, this is not to say that these rules will ensure that you’re 100% safe. The reason is because as projects are innovating, scammers are also constantly innovating. So sometimes, you know, every couple of weeks, you might hear one or two stories about people who got scammed through new methods. And sometimes they’re not just scamming newbies, they could be scamming OGs as well and because you know their methods are so sophisticated, even OGs fall for it. So I think at the end of the day, it’s too important to just make sure that you stay connected with the community so that you can get good updates, latest updates about anything that’s happening within this space. So, if there are any new news or potential scams that come up, you are well informed, and then you can prevent that from happening to yourself by learning from other people’s stories.

And yes, those are basically my closing thoughts. And once again, thank you so much for listening to me. I really hope that you’ve learned a thing or two. If you want to connect with me, you can find me on Twitter at VNSTR_eth. You can also write to us if you have any suggestions, you have any comments or feedback, we’ll be very happy to attend to them. And lastly, if you feel that you’ve benefited from this podcast, please help me by writing a review because it will really go a long way. So I hope that you’ve enjoyed this episode. Stay safe out there, trade safe. Okay, and I will see you again in our next episode.

Comments

Post a Comment

Popular posts from this blog

MT28 - How To Invest In Startups When You’re Not Yet A Millionaire | Angel Investing

Image
Are you fascinated by the world of startups, and really dying to capture some of that unicorn magic for your own portfolio? But that’s hard if you’re not a millionaire because no credible founder is going to take a few thousand rupees or a few hundred dollars. So is there a way to directly invest in a startup when you don’t have a lot of money? A BIT ABOUT KANISHK Kanishk is the Head of Investments and Operations at POD, prior to which he worked in US Mortgages as well as Forex. He’s built POD to be a fundraising stack that allows small investors to access startup funding rounds with as little as INR 20,000 (~USD 250) MT28 DISCUSSION POINTS Kanishk is the Head of Investments and Operations at POD, prior to which he worked in US Mortgages as well as Forex. He’s built POD to be a fundraising stack that allows small investors to access startup funding rounds with as little as INR 20,000 (~USD 250) How angel investing works How it differs from crowdfunding How to find good startups to fun...
Read more

ST20 - THE TRANSITION FROM AN OFFLINE TO AN ONLINE MODEL OF BUSINESS

Image
Solopreneurs often feel that they are limited by their business model with respect to their resources- being the sole employee with a fixed geographical presence. But with the advent of technology, transitioning from offline to online has made it seamless for these solopreneurs to make the most of their skills and resources. We have one such businesswoman with us who transitioned her teaching skills to the online model, making her offer her services to a wider audience. If you’re a solopreneur thinking of making the move from offline to online, then this ShopTok Episode is for you! Siti Nurmaisyah is a  certified Indonesian teacher, with more than 20 years of teaching experience. She uses innovative methods to teach her students, online and offline. Her clients include people belonging to various demographics like expatriates, workers, school students (teenagers and children), etc. Siti is a great example of a solopreneur who successfully transitioned from an offline to an online ...
Read more