Loss of Control over Wallets and Funds

Victims who connected their wallets to a malicious smart contract, or who gave their private key or seed phrase to a scammer, lose control over the affected wallet and the funds within it.
| ID | Mitigation | Description |
| --- | --- | --- |
| M01 | Audit | DAO projects should commission audits before their smart contracts go live. |
| M05 | Check links | Users/investors should double-check the links they click (e.g., have they changed since the last use?). |
| M10 | Check apps | Users should check apps before downloading them. This can be accomplished by checking the download rate of the app in the app store as well as by analyzing available user ratings (beware of fake ratings!). |
| M11 | Never share private keys or seed phrases | Cryptocurrency investors should never share their private keys or seed phrases with anyone. Legitimate persons will never ask for that information. Investors should also avoid using screen sharing to solve technical problems, since some apps include QR codes of private keys or seed phrases which could show up during the session. |
| M15 | Read the transaction message before signing | Before signing a transaction, users should read the transaction message, which shows the kind of transaction they are signing (e.g., send transaction, smart contract interaction). |
| M16 | Use new wallet for NFT mints | For random mints, users should use a clean wallet to avoid huge losses in case the wallet gets drained. |
| M17 | Use a hardware wallet | Hardware wallets protect users from losing their private keys to scammers. Additionally, hardware wallets ask for another confirmation before users can send tokens out of them. This additional confirmation might help users think twice and avoid being scammed. |
| M18 | Do not mint NFTs with risky conditions | Mints with risky conditions, e.g., having to hold an expensive NFT in the wallet to be eligible for the mint, should be avoided. |
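
As an illustration of mitigation M15, the following added example (not part of the original page) summarises an Ethereum-style transaction request before signing, separating a plain send from a smart contract interaction. It goes beyond the page by also decoding the standard ERC-20/ERC-721 approval calls; the `describe` helper and all sample addresses are assumptions constructed for this example.

```python
# Added example: summarise a transaction request before it is signed.
# Selectors are the first 4 bytes of keccak256 of standard ERC-20/ERC-721 signatures.
KNOWN = {
    "a9059cbb": "transfer(address,uint256)",
    "23b872dd": "transferFrom(address,address,uint256)",
    "095ea7b3": "approve(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}
MAX_UINT256 = 2**256 - 1

def describe(tx):
    """Hypothetical helper: return the transaction kind plus warnings."""
    data = tx.get("data", "0x").lower()
    data = data[2:] if data.startswith("0x") else data
    out = {"to": tx["to"], "value_wei": int(tx.get("value", "0x0"), 16), "warnings": []}
    if not data:  # no calldata: plain transfer of the native coin
        out["kind"] = "send transaction"
        return out
    out["kind"] = "smart contract interaction"
    name = KNOWN.get(data[:8])
    out["function"] = name or "unknown (0x%s)" % data[:8]
    # Arguments are ABI-encoded as consecutive 32-byte (64 hex character) words.
    args = [data[8:][i:i + 64] for i in range(0, len(data) - 8, 64)]
    if name is None:
        out["warnings"].append("function not recognised; do not sign blind")
    elif len(args) < 2 or any(len(a) != 64 for a in args):
        out["warnings"].append("malformed calldata")
    elif name.startswith("approve"):
        out["spender"] = "0x" + args[0][24:]  # address is the low 20 bytes
        if int(args[1], 16) == MAX_UINT256:
            out["warnings"].append("unlimited token allowance for spender")
    elif name.startswith("setApprovalForAll"):
        out["operator"] = "0x" + args[0][24:]
        if int(args[1], 16) != 0:
            out["warnings"].append("operator may move every NFT of this collection")
    return out

# Constructed sample requests (addresses are made up for illustration).
SEND = {"to": "0x" + "11" * 20, "value": "0xde0b6b3a7640000", "data": "0x"}
APPROVE = {"to": "0x" + "22" * 20, "value": "0x0",
           "data": "0x095ea7b3" + "00" * 12 + "ab" * 20 + "f" * 64}
APPROVE_ALL = {"to": "0x" + "33" * 20, "value": "0x0",
               "data": "0xa22cb465" + "00" * 12 + "cd" * 20 + "0" * 63 + "1"}

if __name__ == "__main__":
    for tx in (SEND, APPROVE, APPROVE_ALL):
        print(describe(tx))
```
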