Victims use malicious services like scam exchanges or scam free mints and connect their wallets to the services and sign contract transactions which allow the scammers to get access to their wallets.
Investors should collect as much information about a project as possible before investing.
M05
Check links
Users/investors should double check the links they press (e.g., have they changed since the last use?).
M16
Use new wallet for NFT mints
For random mints users should use a clean wallet to avoid huge losses in case the wallet gets drained.
M17
Use a hardware wallet
Hardware wallets protect users to lose their private keys to scammers. Additionally, hardware wallets ask for another assignment before users can send tokens out of it. This additional allowance might help to think twice and not to be scammed.
M18
Do not mint NFTs with risky conditions
Mints with risky conditions, e.g. hold an expensive NFT within the wallet to be able to be eligible for the mint, should be avoided.
M22
Check transaction address (public key)
Using a service users/investors should check the transaction address everytime since attackers could inject a script (or attack the smart contract) and divert coins/tokens to their addresses.
