My All-In-One Crypto & NFT Safety Kit
A list of best practices accompanied by some do's & don'ts.
I have a confession...
Three days ago someone tried scamming me out of 500 Solana.
When markets pump, scammers come out to play. This means that safety should be your #1 concern in all markets; especially euphoric ones.
Below is a comprehensive, all-in-one NFT & Crypto Safety Kit with resources I use to stay on my toes. Make sure to take some notes. *wink*
Ledger Security
My friend got wallet drained over $30,000 in the bear market.
I know you’re probably thinking “What a dumbass.” or “Who would carry that amount of money in a wallet?”
But the truth is you’ve probably done the same thing, just to a different degree. Money is relative. So, when my friend lost this money, it hurt, but it didn’t financially ruin him - because that is the amount of money he is used to playing with.
When you hold $100, $500, $1000 etc. in your wallet, it would hurt, but I’m sure it wouldn’t financially ruin you either. Different perspectives and walks of life determine how you view money.
Anyway: let’s talk about Hot Wallets.
What is a 'hot wallet'? They are wallets that stay connected to the internet, even in your absence (What my friend was using).
The Pros: ✅ Convenient, Fast, Free.
The Cons: ❌ Not Secure, Easy to Hack.
As you can see, the cons heavily outweigh the pros. But still — how do these hacks happen?
Due to the decentralized nature of blockchain, you are always being watched.
When you click malicious links, malware is deployed by hackers to spy on your private keys or control your wallet.
This definitely happened to my friend at one point and the hacker was just waiting for the right moment to strike.
The solution: Ledger
Pros: Offline Key Storage, 2FA, Peace of mind.
A hacker may continue to pursue you without private key access. But without access to your pin, they are left with few options. So this solution makes the most sense.
More information on Ledger Security here.
Approaching Links
You should be wary of any strange link, file or downloadable object you receive on the internet — even if it's from a close friend.
Last year my Discord got hacked by someone that hacked my friend’s account. I was caught completely off guard and it set me back for months.
Aside from a very general tip I have (Use a Macbook), here are a few VERY easy tips:
For links: Use a URL checker.
For opening files: Use Google Drive or Virtual Machine.
Spotting Scammers / Bad Actors
Here’s how I almost got scammed: I was having trouble verifying with Matrica and was DM’d by who I initially thought was a MonkeDAO executive.
He sent me a link to “help” but there were many red flags, such as the site asking for my seed phrase (never do this! 🚩).
Now: Which account looks more suspicious?
The obvious answer is user #2457. That is the account that attempted to scam me.
Always look out for: Blurry PFPs, age of account, sus/vague bios, odd communication and other strange things you may notice.
Scammers and bad actors also exist on Twitter.
For example: Influencers using their followers as exit liquidity, new friends that seem a bit off, or even VCs that have a past history of mismanaging funds… watch everyone very carefully. Actions speak louder than words.
Five Do’s. Five Don’ts.
Five Do’s
• DYOR - Do Your Own Research. Make your own decisions. Take accountability.
• Avoid cults - Avoid culty groups/behaviors. It will skew your judgement. You will feel guilt tripped (or deluded) into bag-holding assets.
• Take profits - Self explanatory, yet people still don’t do it. Taking profits significantly decreases your chances of getting rugged.
• Use burners - Always. If you don't know what a burner is, or how to set one up, watch this quick video:
I also recommend making it a periodic habit to revoke authority from sites you no longer use. Settings > Trusted Apps > Revoke
• Guard your seedphrase - Never store your seed phrase on your computer! Write it down somewhere IRL.
Five Dont’s
• Connect your ledger to mint/trade - Don’t connect it to any site unless it is specifically designed for ledger connection. Even then… I seriously don’t recommend connecting it to ANY site.
Ledgers are cold storage. Meaning you should only transfer things from other wallets, to your Ledger. Never swap, mint or trade with your ledger.
• Trade OtC - It’s just dumb. FoxySwap exists.
• Click on strange links - We already talked about why. Just don’t lol.
• Hold large sums of $ in hot wallets - Same reason as above.
• Trust everyone (Trust is earned) - Just because someone says they’re your friend, doesn’t mean they are. Many people in this space are anonymous. Take everything with a grain of salt.
I hope you keep this safety guide handy and take your security seriously. Make sure you subscribe for more content like this. Invest responsibly. — Lite.