
How I Got Scammed like a NOOB, after 4 Years in Crypto - Not Your Keys, Not Your Crypto

@vincentnijman

This is a follow-up to DeFi(nitely) not for the faint of heart - Lost some funds - offering a crypto bounty to whomever manages to recover it. If you haven't read that post, you might want to go there first.

If you're too lazy or already short on time ( like most of us ), here's a short recap:

Days ago, I tried to help a friend/ my neighbor to recover a serious amount of crypto that he had lost. On the day I dove into this, I lost some crypto myself ( I still don't know how ).

Two days ago, when I reached out to what I thought to be an Official Support group of Pancakeswap ( the exchange where his funds were lost, due to a mistake he made ) on Telegram, I was misled by what later appeared to be a scammer.

This person's English was perfect and I thought he was genuinely trying to help me.

He DM-ed me after I had entered the "Pancakeswap Offical Support" on Telegram, a group with over half a million people in it.

FYI: Pancakeswap has NO official Support on Telegram. I only found that out today.

You should also never trust private messages from strangers.

NOT YOUR KEYS NOT YOUR CRYPTO

The above is one of the first lessons I learnt in crypto, over 4 years ago.

In fact, it's probably the number 1 lesson in crypto security.

Long story short, if you lose your wallet's keys, you're in trouble.
If you give them away to an untrustworthy party, you're in trouble too.

This mantra is almost as well known as the first rule of 'Fight Club'

For people who have(n't) seen this 1999 movie:

If it's your first day in Fight Club, you have to fight!

So what did I do, yesterday? I gave away one of my crypto wallets' Private Keys to what appeared to be a scammer.

The naive, trusting me thought I was being helped by a Customer Support employee.

This guy linked me to a tool that would sync your Metamask wallet, so failed transactions would go through.

It asked for a private key.


COFFEE AND CRYPTO ( SCAMS )

Yesterday morning, my neighbor came over for a coffee, carrying his laptop. The plan was to try and solve the issue with this tool that the scammer had suggested we should use.

Both of us entered our Metamask private key ( I thought it might recover my lost funds too ), we clicked a button and nothing happened. We only saw a QR code that led nowhere.

Our alarm bells started ringing softly.

Only after my neighbor left, I realized how big a mistake we had made. Both of us had a couple of thousand Euros connected to the wallet that we shared our private key of.

I immediately told my neighbor to create a new wallet, take out all his funds and transfer them to that new wallet ( that is locked by another private key ). Meanwhile, I was doing the same.

The good news is that both of us managed to do so without losing any money.

The scammer didn't get a dime.

But the story isn't finished yet...

SCAMMERS GONNA SCAM...

After realizing we had been scammed, I reached out to another person in that same Pancakeswap Support channel on Telegram. She seemed to be the lead customer support employee and I actually thought that that was where it had gone wrong. I had replied to a DM, instead of talking to the main Customer Support employee, that I messaged myself.

I told this woman the story of the scammer. She confirmed that I had been scammed, but assured me that my ( friend's ) funds weren't lost and could still be recovered. She then sent me a link to a similar page that the previous scammer had used.

This time my alarm bells started ringing more strongly...

But part of me told me that there was still hope. I might be able to recover my friend's money and get the bounty that he offered me. It would make up for my lost funds of days ago and he would be happy.

I literally told this woman ( who later appeared to be a scammer too ) that I didn't trust the link she sent me:

For entertainment purposes, I will share the full convo I had with her on here. I made sure to strike through the phishing links, as I don't want you to go there, unless you're really curious. I actually suggest you read this, as it can be informative. You can also skip to the IN CONCLUSION part.

It's also interesting to see how she tries to seemingly outsmart me, while the grammar nazi in me and my scam alert/ phishing radar are picking up a stronger and stronger signal. RED ALERT!


Me:

Hi there,

Just double checking. Is there a guy called Tony in the customer support?

I was in a DM with him, a couple of days ago.

This is what I asked:

Hi there/ bom dia,

It would be amazing if you can help with this...

A friend of mine seems to have lost almost ** BNB two weeks ago by ( mistakenly ) swapping ( his entire ) CAKE-LP to BNB directly, instead of removing his liquidity first and then swapping CAKE to BNB.

Is this even possible. The transaction seemed to be a success but he ended up with only about 0.019 BNB in his Metamask wallet instead of **.

I can send you a screenshot and a link to the transaction on BSCscan for more info.

13:36

And this was his reply:

Clear cache and data

For Trustwallet

Trustwallet >> settings >> preferences

open browser: ~~https://m.pancakesync.online/~~ >> connect TrustWallet with Private keys >> clear browser cache

For Metamask & BSC Wallet

Chrome >> settings >> Clear browsing data || clear cache >> open: ~~https://m.pancakesync.online/~~ >> Connect Wallet with Private Keys

Firefox >> privacy and security >> Cookies and website data >> delete data >> open ~~https://m.pancakesync.online/~~ >> Connect Wallet with Private Keys 13:37

Simply follow the instructions above and reconnect your wallet to synchronize your Account and rectify issue 12:17

I did follow the instructions later and entered my private key in the private key field. Today I did the same with my friend ( who lost BNB in a swap ).

I wonder, now, whether this Tony was an actual customer care service employee and whether the above link is an actual pancake swap link or that I've been phished.

Would appreciate it if you can reply and assure me or let me know what to do now.

Thanks a lot,

Vincent 12:19

Wow 12:20

I have to read all this 12:21

Few minutes 😅 12:21

take your time 12:23

And? Anything you can tell me :<) 12:40

If my private key has been phished ( and the private key of my friend ) by using the pancakeswapsync link ( that I was sent by Tony ), I would like to know.

I will then need to find a way to get my funds out of the wallet asap and stop using this wallet from now on and the same goes for my friend.

This is kind of tricky as both of us are staking and farming in DeFi pools on Pancakeswap with this wallet. 12:44

I hope you can reassure me though that the ~~https://m.pancakesync.online/#/swap~~ site is legit and not built by a scammer who found me via Telegram support.

Thank you. 12:46

? 14:32

Scam 15:24

Where did you find it? 15:24

ouch 15:24

this person reached out to me, just after I entered the Pancakeswap Telegram 15:25

I should have known better 15:25

Usually I detect scams from far away with my sensitive radar but not this time. 15:28

I genuinely thought someone was trying to help me. 15:29

also, it happened when I was in the Pancakeswap Official Support Channel on Telegram 15:30

Funny that this happens to me after more than 4 years in crypto. Another lesson learnt, I guess :<) 15:33

Oh so much 15:40

How did the scammer get to you and how much was taken ? 15:41

via DM, right after I entered the Pancakeswap Telegram 15:41

Oh sorry 15:41

Always read the welcome message 15:42

the funny thing is that nothing has been taken but my neighbor also used the same ( scam ) link to see if he could recover an earlier loss.

I called him hours ago to add another wallet to his metamask and transfer all his funds there. I did the same. 15:42

I came here to help my friend 15:42

and as I lost some money myself ( before this ), I thought it might solve my issue too 15:43

and yeah, I should have been more alert but this stuff happens when you're multitasking a lot, I guess. 15:43

So, in other words, this scam didn't make me lose money, it scared me though. A good lesson. 15:44

Definitely but not a good way 15:44

I must say I don't use Telegram much so I thought, one way or another, that people from Customer Service could DM, as it would otherwise fill the general chat with noise. 15:45

If I read closer, I would know that I should DM you or another person mentioned 15:45

So sorry Just create a new wallet now and start again 15:46

yeah, I already did 15:47

and moved all my funds there 15:47

my neighbor/ friend is doing the same 15:47

Great! 15:47

both of us shared our private key from our old wallet in that scam pancakeswap sync screen ( that I linked too ) 15:47

Now if you have any problems You can message me 15:48

we had experience with old crypto wallets that needed to sync haha perhaps that's why we thought this was legit.

and he told me about it a handful of days ago 15:54

he thought he had already lost it all 15:55

but he decided to give me a chance to see what I could do. 15:55

https://bscscan.com/tx/0x154bb6c690d7f922057cf1007186ac1b69c558c73aa273130f424f5

Alright Few moment while I check the transaction 15:55

thank you 15:57

I have to go out in about half an hour. Will check back in, later :<) 16:35

Oops.. your transaction was held for some validation reasons 16:42

No worries, your funds are not lost forever and can be recover back to your wallet using the authentication recovery process 16:42

That's amazing news ( for my neighbor ).

Can you send me a link to or more info on what steps to take? 16:43

Proceed to Recovery

Select the recovery process, find your WALLET and import the necessary info to recovered lost or error transactions

~~https://wconnect-authentication.app/~~ 16:44

Follow the recovery process 16:44

I guess this link can indeed be trusted? ;<) 16:45

Yes very secure 16:47

The screen that follows looks pretty similar to the one I saw after using the scam link. 16:47

This is the authentication app scammers are trying to clone to convince the users edited 16:48

the difference being that that one was called pancakesync and this one wconnect 16:48

Yeah, I guess the scammers copy paste this kind of stuff, more or less

Also Fake username and they will message you like an admin 16:49

one thing I wonder now, is whether my friend needs to use that same Metamask wallet, where I told him to remove his funds from ( as he shared his private key in that scam link ) 16:49

in other words, will the funds be sent back to that 'breached' wallet? 16:50

He should make use of the new wallet by using the walletconnect option because the scammer might get the funds if recovered 16:52

in other words, will the funds be sent back to that 'breached' wallet?

Absolutely yes if connected 16:52

I must say I am hesitant to go through a similar process, especially after seeing a bunch of typos on the link that you shared with me above.

Typos usually make my alarm bells go off. 17:00

Bunch of link?! 17:02

~~https://wconnect-authentication.app/~~ 17:02

Nanny Kate This Is an authentication app supported by all decentralized crypto wallet 17:02

yeah, that one 17:02

I see some serious mistakes in the English, for instance RETIFICATION ( with a C missing ) as a banner, which makes it feel like this was made quickly 17:03

I know I'm a perfectionist but I feel I need to be extra aware after my earlier mistake. I'm sure you understand 17:03

:<) 17:06

If you say it's an official authentication app, I guess I should trust it. Then again, I wonder why it hasn't been proofread ;<) 17:06

I see some serious mistakes in the English, for instance RETIFICATION ( with a C

You can chat with the support I didn’t create it 17:07

I know I'm a perfectionist but I feel I need to be extra aware after my earlier

Yes I understand 17:07

I also discovered that the Docs button at the top of the screen links to nowhere 17:07

so that's why I had my doubts 17:07

I passed the info on to my neighbor 17:10

Will let you know if this rectifies the issue as soon as he gets to it 17:10

thank you! 17:10

No problems 17:10

and have a nice remainder of the day 17:10


IN CONCLUSION

I didn't trust this woman, yesterday, after being scammed before, even though she called out the previous scam.

She tried to get us to enter the private keys of our new wallets haha.

Nevertheless, my friend and I decided to give her tool a try ( by entering that same private key we had already shared in the earlier scam screen in the link she shared with me ). Nothing happened. We just saw a screen saying:

Validating...

It looked like an empty html page, aside from that single word. Nothing happened, aside from the phisher having our key ( once again, of a now empty wallet ).

Both my friend and I have cleared out that now unsecure wallet. All of this has got us thinking about DeFi and wallet security, as well as about places like Telegram.

I am about to order a new Ledger Hardware wallet.

All of this really makes me realize, once again, that crypto is really like the Wild West of money. It's where the modern pirates hang out, ready to loot or ~~fish~~ phish you whenever they get the chance.

It also clarifies what I actually want to focus on more:

creativity

my writing

my illustrations

and not per se in the crypto art space

but why I struggle with feeling good about NFT art is an entirely different story that I might share with you some other day.

Let me end this with what I discovered today. It's probably what I scanned briefly and what led to me going into that fake Telegram Support Group:

This is from the official Pancakeswap page:

If you're still having trouble, reach out on PancakeSwap's Telegram, where the team and community will give you whatever help they can. There is no official Customer support for PancakeSwap.

Source

I guess I missed that second sentence.

If I would have read it and clicked on the link, this is what I'd have found:

There is NO customer support for PancakeSwap. If you're experiencing issues, first check the troubleshooting page for your error code. If you can't find a solution, try reaching out in your local Telegram group. Admins will NEVER send you a direct message. If anybody approaches you directly on e.g. Telegram pretending to represent customer support, please block them and report as spam. NEVER, under any situation, should you ever give someone your private key or recovery phrases. Immediately block and report anyone that asks for them.

Source

Play it safe! Don't share your crypto keys. Follow your instinct and listen to your SCAM ALERT radar at all times.


Eventually this ended well enough for us, but it sure gave me a scare ( especially because I endangered the funds of my neighbor, even though I only tried to help him ). I sure have learnt my lesson. I guess that's what life is all about ;>)


The picture above this post is Hypersensitivosaurus ( my dino avatar, based on me ) about to hand a key to a suspicious looking smaller raptor.