Scammers, Phishers and Hackers abound! Be mindful!
I can’t stress this enough. Be very careful out there!
- Use 2FA (Two Factor Authentication) on everything you can. Preferably, time expiring services such as Google Authenticator over options such as SMS text message.
- Never share your private key with any site or person unless you’re handing your account over to them and want to lose everything. The MyEtherWallet.com wallet site would be my own personal exception and even still, this site could fall victim to a future hack.
- Always check you’re at the site you think you’re at. Never assume. Check the URL and be sure it’s the official site of the company/project/service.
- Check services that provide information about site code changes and when they last occurred. Be weary of any code changes that were not announced by the dev team.
- Never rush into a transaction. Scammers will often solicit a FOMO (Fear Of Missing Out) reaction out of you.
- Social media is widely used to phish for victims. This is especially effective if an official account is compromised and used to solicit the community. Always check multiple official communication channels of a project/company and be very weary if FOMO tactics are used.
- Do not trust direct messages in Social Media sites (Slack!). Crypto projects are now moving away from communication platforms that lack the necessary security controls to protect subscribers.
- Do not trust links to sites. Use your own bookmark or type it in and double check the spelling.
- Sites can get hacked. It’s usually not a matter of “if”, but “when” it will happen. Use the Google Chrome Extension “Page Monitor” and check for site code changes. If there have been recent changes to the site code, be especially vigilant, even enquire with the site owner.
This list is just a start and entire block posts could be written on each of these. I’ll be adding to it regularly.