Scammers and hackers scan popular messenger groups of social media apps like Telegram or Discord to identify vulnerabilities. Attackers often use social engineering or software exploits to get admin rights to be able to post malicious messages to steal the private keys or seed phrases of users or to get them to connect their wallets to a malicious smart contract.
Sub techniques (0)
ID
Name
--
--
ID
Mitigation
Description
M02
Check smart contract
Investors with an affinity for technology should check the lines of code of the smart contract on their own before investing.
M05
Check links
Users/investors should double check the links they press (e.g., have they changed since the last use?).
M06
Check (NFT) collections before buying them
Investors should check the genuineness of a collection or token before buying, even if they were linked by a proven source.
M11
Never share private keys or seed phrases
Cryptocurrency investors should never share their private keys or seed phrases with anyone. Legitimate persons will never ask for that information. They should also avoid using screen sharing to solve technical problems since some apps include QR codes of private keys or seed phrases which could show up during the session.
