Phishing Scams in Crypto - How i was Scammed and How u can avoid it!

3 Min Read
629 words

hack-fraud-card-code.jpeg
Source
Recently I was trying to buy some tokens from a decentralized exchange and I became a victim of phishing. I want to share this blog with you all so you don't fall into the same trap.

Phishing is the process when we enter our details(password) into a fake/imposter website that looks exactly like the main website. Once you enter your details: the password and phrases(meta mask, or any Wallet phrase in general); on clicking on the submit button all these details (passwords) are passed on to the host of the fake website.

Now the host of the website has access to the wallet and can withdraw all the assets to his/her account.
Since crypto is very secure we can see to which account all these assets move into but we do not know who owns the account so a Cyber security platform with the current tech level would help retrieve the assets lost.

Usually how phishing occurs :

  1. Fake website: This is what I explained above where we enter details into a fake website and then the host has access to all assets.

MY STORY: " EXPERIENCE ON HOW MY ASSETS WERE STOLEN" (based on the fake website)
I tried to purchase some tokens using the fantom wallet but as soon as I swapped my tokens on refreshing the page my wallet balance was about 2$ from about one sol which is (200$approx). I am currently a student and panicked and tried contacting the customer service asap.
here's my chat with them:

WhatsApp Image 2021-11-25 at 3.31.27 PM.jpeg

WhatsApp Image 2021-11-25 at 3.32.01 PM.jpeg
Images are taken from my chat

"As I mentioned above once your assets are withdrawn by the phishing website host, it's gone forever ", so the customer service couldn't do anything about it as well. In the end, it was a lesson learned to be very careful in which website we enter our passwords and phrases into.

2)Social media tweet's
We never know who is behind an account, using celebrity profiles to gain public trust. Here even if they ask for a small crypto transaction to connect wallets or enter a password. Once assets are sent are lost forever! Because most of These are handled by bots and most likely fraud.
Make sure when you invest in these places that you have done your share of research about their authenticity.

3)Scam Email and messages :
This is the most widely and common phishing technique. Here, we are sent scam catchy messages saying we have won "xyz$" and once we connect our Crypto wallet or bank account to them we can redeem them. Many times even people aware of what phishing is get caught in these and lose their asset's. Never give your wallet phrase to anyone and never reply to such message and email with any of your information.

CPI-solutions_Blog-Illustration-How-to-Handle-Phishing-Attacks-_1920x1080_SC_12-02-2021_V1-2.webp
Source
How to prevent such scams from happening?
✓Make sure to always check if the website is the authentic/original website.
✓ Use only mainstream wallets such as meta mask and even when you import wallet to a new device make sure the extension is authentic.
✓ Do not hand over your wallet phrase on any website that is asking for "importing your wallet", when your extension is already Imported and working.
✓Use modern (non-add tracking) browser such as brave where your even paid to use it!
✓ Do not reply to scam emails and messages which are too good to be true, especially the ones which demand personal information.

My goal in this blog was to share my experience of getting scammed so that no one else reading this Blog faces it in the future.

Hope you learned something new in this blog, let me know your thoughts in the comments :^)