Five tips to be wary of hackers to help you cast NFT safely

Hackers are exploring NFT Discord to find weaknesses. This week, we saw a tragic example when Discord of CreatureToadz was temporarily attacked.

During the incident, the hacker used this opportunity to post a fake “invisible drop” link, which seemed to point to an NFT minting interface, and then the victims spent ETH (they thought they were minting NFT), but in fact all All of the money was directly transferred to the attacker’s address, and no NFT was minted.

Five tips to be wary of hackers to help you cast NFT safely

“This is very hurtful. Discord was destroyed for about 45 minutes. We just regained control of it. Anyone who bought NFT from this scammer will be compensated. It’s 2 AM and they launched an attack while we were asleep. As a community, we will become stronger.”

Fortunately, the CreatureToadz team regained control of Discord and will compensate the affected participants. However, this incident reminded us that as NFT minters, we must remain vigilant. In fact, more and more hackers are targeting us.

For today’s post, I collected some tips for safely casting NFT. All in all, these tips can help you avoid or minimize the security issues faced by NFT casting.

First of all, I don’t think this is a comprehensive “best practice” for safely casting NFT, because I may have missed some ideas. But at least, the following tips can help you.

Learn about common NFT scams

“Knowing the enemy and confidant, a hundred battles will never end.”-“The Art of War by Sun Tzu”

Generally speaking, the first step to achieve NFT security is to become familiar with the main scams currently faced by NFT users, and current and future scams may evolve from these types of tricks.

As MyCrypto points out in its useful “Common NFT Scams” guide, attack vectors can include artist or brand impersonation, fake storefronts, etc.

Tip 1: Use a dedicated coin wallet

Suppose you will use a major wallet where you will store your best encrypted artwork, publish your Mirror blog, and handle most of your DeFi activities.

In some cases, criminals may abuse or destroy the permissions granted to these projects by users to steal funds.

Five tips to be wary of hackers to help you cast NFT safely

“In fact, some websites are created with the intention of stealing funds/NFT? after users grant access to their wallets, so be careful with which Dapp/website you connect to…”

Therefore, isolating the risks surrounding the casting of new collectibles into a secondary wallet, in which you only store a small part of your own encrypted assets, is a simple way to improve the security of the NFT.

Tip 2: Clean up your token authorization regularly

When it comes to granting permissions, it is a good idea to clean up regularly, and similarly, users usually grant spending approvals to NFT projects to interact with them. In the worst case, these spending approvals are unlimited and may be exploited by attackers.

good news? Now you can use Etherscan’s simple Token Approvals Checker tool to clean up risky authorization approvals, in addition to other similar tools.

Tip 3: Pay attention to “Sending ETH”

Five tips to be wary of hackers to help you cast NFT safely

If you see this content when casting on the website, please double-check your link, double-check your URL, and double-check everything.
Because this may be a tuo? You have been cheated.

If you try to mint a new project, NFT, and see “Sending ETH” appearing on your MetaMask interface, please leave, this is a scam!

This is what happened to the CreatureToadz project earlier this week. A hacker sabotaged Discord, then made a false bot announcement and secretly collected ETH from the victim (the person who thought he had minted CreatureToadz).

Tip 4: Find official information

Don’t trust the announcements of the Discord robot. Look for communications from official people such as project leaders, administrators, and moderators, and confirm the casting announcements and other important information across multiple channels (such as Discord, Twitter, community discussions, etc.). If someone randomly sends you a private message and talks about the “coming NFT release”, please ignore it.

Tip 5: After casting, please pay attention to fakes

Suppose a highly anticipated NFT project has just been sold out and you missed the casting. If you want to collect this series of NFTs, you will rush to the secondary market such as OpenSea to participate in the transaction.

And scammers will use the above dynamics to defraud by launching fake and pirated NFT collections.

OpenSea has done a good job cleaning up these lists quickly, but you must be vigilant in these early windows of opportunity.

in conclusion?

We are pioneers at the forefront of NFT. There is no shortage of excitement here, but there are also many risks. Follow the above tips and check the URL and contract address several times, which will greatly help to ensure that your NFT collection process remains safe.

Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2021-10-25 22:11
Next 2021-10-25 22:13

Related articles