- Contributors:
- @neon_ipod
This page covers basic preventive measures to keep your information and your wallet safe, and how to improve security when buying NFTs.
Never click any links sent on Discord/Twitter by others.
These malicious links can collect your data in a matter of seconds and drain your wallet. Phishing is a commonly used tactic by impersonators trying to get victims to click malicious links; unfortunately, this has become very common in the NFT space. It is a safe measure to disable DMs from any project's server you are part of.
- Identify who the person is and how they found you, and be direct about what they want. If they ask for your wallet, question why they messaged you if they don't know your wallet.
- Check if they send you a website (this site might be a scam site they use to drain wallets). Verify that the site is legitimate: ask in the Discord channel, search on Twitter.
- If they use a legitimate website, check whether the token they are trading you is real.
- Upon setting up the trade on a legitimate site, check their wallet.
- How is the wallet funded? Check the address used to finance this wallet; it might have been financed by a previous phishing scam wallet. Scammers don't expect you to know this.
- Check the token used for this trade: is it a legitimate Ethereum token or is it a fake?
An attempt by a user to swap 3 Avatars for 1.75 fake Ethereum tokens.
Can you spot the difference between these two tokens?
Both of these tokens have the same name, but there is a visual difference, and their supply and token address are different.
- If you want, do a background check on the user. This user might have been reported before, whether it's on Discord or Twitter. Check by their alias or token.
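The token and funding checks from the list above, as an added example that is not part of the original page. It assumes you have already looked up the offered token's contract address and supply and the counterparty wallet's first funding address on a block explorer; the trusted-token list, the reported-wallet list and every address in it are constructed placeholders.

```javascript
// Added example: vet a counterparty's trade offer before signing anything.
// All addresses, names and supplies below are constructed sample data.
const TRUSTED_TOKENS = [
  { name: "Ethereum", symbol: "ETH", address: "0x1111111111111111111111111111111111111111", supply: "120000000" },
];
const REPORTED_WALLETS = new Set(["0x9999999999999999999999999999999999999999"]);

// Fold case, Unicode compatibility forms (e.g. fullwidth letters) and
// whitespace so simple look-alike spellings of a name compare equal.
const fold = (s) => s.normalize("NFKC").toLowerCase().replace(/\s+/g, "");
const sameAddr = (a, b) => a.toLowerCase() === b.toLowerCase();

// A token's identity is its contract address, never the displayed name.
function checkToken(offered, trusted = TRUSTED_TOKENS) {
  const byAddr = trusted.find((t) => sameAddr(t.address, offered.address));
  if (byAddr) return { verdict: "trusted", reasons: [] };
  const twin = trusted.find(
    (t) => fold(t.name) === fold(offered.name) || fold(t.symbol) === fold(offered.symbol));
  if (!twin) return { verdict: "unknown", reasons: ["token not on trusted list"] };
  const reasons = [`name matches ${twin.symbol} but address differs`];
  if (offered.supply !== twin.supply) reasons.push("supply differs");
  return { verdict: "impersonation", reasons };
}

// Funding check: was the wallet first financed by a reported scam wallet?
function checkFunding(firstFunder, reported = REPORTED_WALLETS) {
  const hit = [...reported].some((r) => sameAddr(r, firstFunder));
  return hit ? "funded-by-reported-wallet" : "no-match";
}

function vetOffer(offer) {
  const token = checkToken(offer.token);
  const funding = checkFunding(offer.counterpartyFirstFunder);
  const reject = token.verdict !== "trusted" || funding !== "no-match";
  return { token, funding, reject };
}

// Constructed offer modelled on the case above: 1.75 of a token named "Ethereum".
const sampleOffer = {
  token: { name: "Ethereum", symbol: "ETH", address: "0x2222222222222222222222222222222222222222", supply: "1000000" },
  amount: "1.75",
  counterpartyFirstFunder: "0x9999999999999999999999999999999999999999",
};
console.log(JSON.stringify(vetOffer(sampleOffer), null, 2));
```

A matching name with a different contract address is reported as impersonation even when the supply happens to match, because the address alone decides identity.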
Enable 2FA
Enable it on Discord and any login platform you may be part of, as this provides an extra layer of security on your account. The second authentication method usually needs to be verified with something in your personal possession, such as your phone, in addition to your normal username and password.
There are risks to depending heavily on 2FA: it links your crypto exchanges or social media accounts to a single weakness, which is your number. The best-known methods are:
- The ones sent to you as SMS (vulnerable to SIM hack; ask your provider to put a password on the account, so that it is asked for before anyone can make changes)
- The one from a 2FA app, such as Google Authenticator or, for better privacy, Authy
- YubiKey: fingerprint 2FA
In a world where privacy is being eroded and connected devices are on the rise, it won't matter if you're offline: all devices can detect your voice and your GPS position, using signals from connected IoT (internet of things) devices like Amazon Echos to find your location.
These devices are sold to consumers at cheap prices, are in households across the country, and can expose your dynamic, live location as you move.
Have a strong password
- Combine numbers, symbols, lowercase, and uppercase letters
- Use a different password for any website you use
- Use long password combinations
- Avoid popular passwords
Privacy
Never share any type of personal information online like your real full name, address, email, phone numbers and social media accounts. In the wrong hands, this information can be used for malicious purposes to cause harm to others and to yourself.
Although it may seem that right now you are only holding a couple of NFT furnis, and that's not important, you should think about the future.
In the not-so-distant future, a wallet will represent you and your views, whether it's
- What you buy (shopping behavior)
- What links or things you are connected with or projects
- Political views, or proposals you have voted in
- What you own, whether it’s Properties, Family Photos and more.
Whatever you pay for and own can be in a wallet, and that's more permanent than an old tweet. All of this can be used against you, or used to stalk, dox or bully you.
Install an antivirus: this ensures you are protected and that no spyware or keylogger is hidden and recording what you do.
Cold Wallet and Burner Wallet
The cold wallet/vault is one that isn't exposed to internet or browser vulnerabilities; it is referred to as an offline or hardware wallet, for example a Ledger. Using such a wallet means that the things you are really concerned about security-wise should be kept there, while things that you need readily available, use for short-term trading and don't mind risking go in a burner wallet. If your burner wallet ever gets hacked, the cold wallet is secure and is the backup. It should have more items stored there, especially the most valuable ones.
The purpose of a burner wallet is to have a separate wallet from your main wallet, for minting purposes or to interact with other websites that require your wallet to be signed in, so your true holdings are not exposed.
Be Cautious of new projects
Beware of fake NFTs. Be careful whenever you are minting a new NFT collection, or whenever you decide to join an existing one. Scammers will create fake NFT collections using stolen artwork. These types of collections can usually be identified by:
- The collection is not verified (Blue checkmark)
- Fake twitter followers
- Low trading volume
If you ever want to take a risk on a new NFT collection, or test a fake airdrop, always use a burner wallet with limited funds.
Recovery Phrase
Never share your MetaMask secret recovery phrase with anyone or have it exposed, or someone will have full access to your wallet. I recommend storing this either on a hardware wallet or on paper.