🕵️Common Scams

OBVIOUS SCAMS:

PUMP & DUMPS: Tokens that were designed solely for the early investors to profit off of people hyping it up and buying/FOMOing in.

HONEY POTS: This is a token where it has an attractive-looking chart, lots of buys, maybe a few sells. But it’s going up and up! The problem is the only people that can sell are approved wallets, so new investors CANNOT sell their tokens.

RUG PULLS & SOFT RUG PULLS: are where the contract/token creator holds a bunch of tokens before liquidity (value) is added to the token, then when people start purchasing the creator slowly sells off their tokens for the underlying liquidity asset (such as ETH or BSC).

HARD RUG PULL: The contract creator waits for a sufficient amount of liquidity (value) to be put into the contract via people buying the token, they then remove all liquidity, and people are left holding worthless tokens.

LESS OBVIOUS SCAMS:

DUSTING: This scam involves a contract randomly sending tokens to a bulk list of addresses. The contract allows the contract creator to access any wallets that approve it. They go like this: You wake up, check your wallet and you see a new token in there that you don’t remember buying. If you have a wallet that shows values it says you have some ridiculous amount of value in these tokens. You get pumped (and now you are vulnerable because your emotions overpower your reasoning) You go to check out the value or cash them out. After approving the contract on Uniswap, Pancake swap or some other DEX you find you cannot sell them no matter what you try. You forget and walk away. A few hours later the contract creator does a sweep to see everyone who has approved the contract and then goes and cleans out all tokens of value from those wallets.

FAKE ADMINS/SUPPORT PEOPLE: This is common but easy to fall for. Usually, this happens on Telegram but can happen on Twitter, Facebook as well. People impersonate an account by having the same or very similar display name and profile picture. They lurk in groups, find accounts to impersonate, and then start contacting users from that group asking them to confirm their tokens or address by connecting to a site or sending their private keys/seed phrases. People see a username and profile pic they trust and they follow the instructions. Then they lose everything.

FAKE TRADING/INVESTING SYSTEMS: This is “too good to be true” investment/trading opportunities Typically these are cold contacts saying they know you invest in crypto or saw you were in a similar Facebook or Telegram group about crypto. Conversations will tend to start casually. They then ask if you’ve heard of “Blah Blah trading group” or “So & so trading method” Then you get some fake numbers about how much profit they make. They send you a link, in order to “use” said trading method/group you must connect a wallet or send them your private keys/seed phrase. They will insist it is safe for you to do. If you follow through with it, you will be robbed.

COMMON MALWARE/SPYWARE METHODS: These are applicable to more than just crypto. These are the easiest to protect against because all you need is a good anti-asshole software suite installed on ALL your devices. This includes you Apple users!

KEY LOGGING: They simply watch what site you’re logging into and record your username and password.

SNOOPING: They provide themselves access to your photos/videos/files and find pictures you have saved of passwords, private keys, seed phrases, and then steal all your stuff.

SAVED PASSWORDS: Saved passwords in your browser. Seriously, they aren’t safe. Never save passwords to anything important in your browser, including bank accounts, cryptocurrency sites, and more. Chrome and Safari are not secure.

OTHER CONSIDERATIONS:

Apple has given itself the ability and obligation to have access to view all of your media via AI. This is to fight against “sex trafficking” and “child pornography”, which is great. The problem comes in when a real-life person must review anything that gets flagged. This means, potentially, if your account gets flagged rightly or wrongly, a real-world person can now view all of your media. This would include any passwords or seed phrases you have taken pictures of.