The NFT ecosystem has become a hub for scammers. Hacking has affected almost all the top names in the space. PROOF Collective founder Kevin Rose suffered a loss of more than $1,000,000 in NFTs as a result of a phishing scheme. The Azuki Twitter account was also hacked in January 2023. The hackers posted a link that was incredibly dangerous to their followers, and they lost almost $800,000. You can be hacked if the most prominent names in crypto and NFTs are hacked. Even though these scams are becoming more common, NFT members still have a high risk of being conned out of their assets.
You can reduce some of these risks by following the best practices established by security professionals and blockchain developers . Scams cannot be avoided everytime. The NFT community can mitigate many of the popular and widespread grifts by taking the necessary, though sometimes difficult, steps to secure software wallets. Here’s how.
Safekeep your seed phrase
You can keep your crypto and NFTs secure by following the right precautions regarding your wallet’s “seed phrase”. A seed phrase, which is a set of randomly generated words that represent private keys for a software wallet, is presented to users when they create their wallet. This private key is a failsafe that allows the contents of a cryptocurrency wallet to be restored in case the user gets locked out or needs to import it into another device.
Never type your wallet’s seed phrase. It is best to not send it to yourself by email, or save it in a Google Doc. Keep your private key secure in your home by only writing it down. Some people even go as far as to have their seed phrase engraved on a metal plate. They then store it in safe deposit boxes.
You can use a hardware wallet, or you can delegate one.
It may seem tempting to store all your assets in a few software wallets to make it easy to access and trade, but a hardware wallet can help you protect your crypto assets and your grails. A hardware-based wallet like a Trezor or Ledger stores private keys of users offline on the origin’s secure microprocessors. A hardware wallet is a reliable and secure way to protect your NFTs from malware, key loggers, screen-capture devices, and other threats.
Although some people try to keep a few online-enabled software pockets (hot wallets), for active trading, while other assets are kept in an offline wallet (cold wallet), this system can be compromised. As we saw with the recent hackings of Web3 figures Rose, Nikhil Gopalani and CryptoNovo, signing transactions with high-value wallets can result in loss. Users might also consider using a burner wallet, which is a wallet that has no site connections or holdings and can be used only to transact. Or delegating a totransact wallet to replace an active wallet.
To do so, collectors can use services like Delegate Cash. Delegate Cash allows users to create and assign a new MetaMask hot pocket as a delegate to a cold wallet that holds valuable NFTs. Users can use the Delegate Cash to claim airdrops, verify ownership, or any other purpose for an NFT, without having it stored in an active wallet. This method was demonstrated by tropoFarmer, a pseudonymous collector who offered his Sewer Pass to others for Dookey Dash via delegated wallet.
Triple-check URLs, signatures, and handles
You should ensure that you have triple-checked the authenticity and safety of any portal before you even consider minting, collecting or signing any contract. Numerous prominent Twitter accounts and Discord server have been hacked repeatedly, resulting in false NFT mints being announced and a loss of crypto by the NFT community.
Scammers will usually ask users to fork over crypto or NFTs. This could be done by asking them to enter seed phrases (which you should never consider) or signing malicious transactions. Rose was compromised by the scammers. To be extra careful, make sure you verify every URL you plan to interact with as well as the URL source. Scammers can create fake links and browser-based popups to mimic MetaMasks.
Even if you’re not forced to sign a transaction, you could be vulnerable to fraud. Users are being encouraged to sign transactions blindly by hackers. It can be easy for collectors to overlook the details of speed-defining minting transactions and signatures, considering the sheer volume of transactions and signatures they receive every week. Always be cautious about what you sign and what contracts your wallet can interact with.
8/ If your TX asks for you to sign a message such as 0x6fe64a 87 it could be malicious. Verify the source website to make sure you are actually signing what you want. pic.twitter.com/DtnGAgDTfe
— richerd.eth (@richerd) February 2, 2022
How to respond if your computer is hacked
If everything fails, and you are still at the victim of malicious intent then your next steps will depend on what kind of hack or scam you were exposed to. You will be in serious trouble if you have signed a transaction or acted with a fraudulent claim or mint. There is nothing you can do to stop your crypto or NFTs from being taken away. To prevent hacking from ever happening, it is important to learn about the security flaws of others.
Although marketplace security teams may be able help you in certain cases, especially if they’re at fault, ultimately the responsibility lies with the user. Get educated to better protect your assets. Learn about common scams and how to spot red flags. Then, take the necessary safety precautions outlined in this guide, or as recommended by the NFT community.
NFT Scams: How To Keep Your Wallet Safe From Hacks appeared first at nft.
Did you miss our previous article…