5 Ways To Not Get Hacked in Web3
creators are getting hacked now!
One time, a friend got hacked.
Everything from his wallet got drained.
At first, we weren't sure what happened, what he clicked, or how the hacker accessed his wallet but after checking thoroughly to identify the hack loop ...
We found out it was a "social engineering" type of hack.
It happened that someone texted him on X (formerly Twitter) about a job. The person seemed genuine, but he pretended to be from a reputable project in the space and sent him a Zoom meeting link to join through his laptop.
During the meeting, the person pitched the idea and asked this friend to "download and test" a new product the team was launching, the idea was to be part of beta testers and then promote it.
He downloaded and tried to navigate but it appeared buggy, he told the "team" and they kept saying it would work or sum like that.
Eventually, he got tired and left the app.
Fast-forward to about a couple of days, he gets drained, completely.
You'd probably say "he was careless!"
First, it happened a while back (this kind of hack wasn't that popular)
Second, it could happen to anyone, even now, especially creators looking to work with projects.
In today's letter, I want to walk you through 5 security measures that would save you the pain of losing your funds or devices (yeah, hackers can hack your entire device).
What does 'Security in Web3' even mean?
If you've heard people make “wife-changing” money in Web3, know they can also lose their entire net worth instantly.
In this space, hackers work twice as hard.
These 5 security steps I'll walk you through should help you reduce your chances of being hacked or drained.
Step 1: Avoid clicking random links
Like my friend, you'd be shocked how a simple click can turn everything upside down.
Phishing link hacks are one of the most common types, you want to always verify links first.
This might not give 100% accuracy to read attacks, but here are 5 tools to use in identifying phishing links:
- NordVPN Link Checker: Simply enter a URL to see if it's safe.
- Bitdefender Scamio: Check links, emails, or messages for phishing by chatting with an AI.
- Google Safe Browsing: A quick check to see if Google flags the link as unsafe.
- PhishTank: Community-based, where you enter a URL to check if it's known to be a phishing site.
- CheckPhishing.com: Enter a link, and it'll tell you if it might be a phishing attempt in plain language.
You don't have to connect your wallet to these sites to confirm links, just paste the link to check.
Step 2: Limit Your Exposure
Don't keep all your eggs in one basket, I mean this literally.
You see, in 2022 one of the craziest crypto crashes happened as a result of FTX fraudulence activities.
This exchange crash led to a massive loss of funds and almost every FTX user got drained.
My point is, do not keep all your funds on a single platform.
- Spread your investments
- If you like stables, either stake or create a separate wallet and keep your funds.
- don't leave too much on decentralized exchanges
Step 3: Smart contract audit
I started my smart contract development journey not quite long and I already realized the essence of audited contracts.
You don't have to be technical to know this but if you're looking to work with, invest in, or test a project, check for contract audit.
You don't have to read the codes, check for reputable auditing firms for their audit scores on the projects, firms like Certik.
The audit scores should relate to how safe it is to engage.
Step 4: Social engineering
This one can go wrong in so many ways, a big Influencer’s account can get hacked and send you scam content, or a hacker can brand as a 'team member' or just as a person with an opportunity for you.
The list is endless.
The best way to counter this is to:
- take the time to check if the account is truly affiliated with the acclaimed project (by checking if they have an affiliate badge or followed by any real team member)
- verify links sent to you especially to join the meeting
- have your calendly to schedule meetings instead.
Step 5: Educate Yourself Continuously
As I said, hackers work twice as hard.
They would always find new ways, gimmicks, or tricks to scam, the best thing to do is to keep learning and understanding.
The more you know, the more you know what's likely and what's not.
Security is everyone's concern, as much as Web3 can make you money faster than any other industry, you can also lose it all to hackers.
Stay safu.
Now, let's look at Web3 Jobs you can apply for the week:
Social Media Manager ($25k - $35k/yr)
"We are seeking a Social Media Manager to increase ChainSeeker’s digital footprint, engage our community, and spotlight our unique airdrop farming solutions. This person will execute creative campaigns across multiple platforms, including Twitter, Telegram, and beyond, ensuring our brand remains top-of-mind within the crypto sphere" - ChainSeeker
Apply here: Social Media Manager Role
NFT Artist / Designer ($35k - $70k/yr)
Apply here: NFT Artist and Designer
"We're looking for an NFT Artist / Designer with a strong creative flair to help visualize our presence in the crypto community. You’ll be responsible for conceptualizing and crafting compelling NFT collections, promotional graphics, and brand materials that resonate with our user base and communicate the essence of our product" - ChainSeeker
Community Manager (Amt: not specified)
"We need a manager that can welcome and onboard new members, manage Discord, structure and communication, lead onboarding sessions, monitor and prevent conflicts, guide discussions to appropriate channels, assist with initial recruitment and vetting, coordinate community events and workshops" - VitaDao
Apply here: Community Manager role
Web3 Customer Support Specialist
"We're looking for a Customer Support savant to join our team working EU timezone. The ideal candidate will be crypto and discord native, with extensive experience in community building and technical support."
Apply here: Customer Support Specialist
* In a letter coming soon, I'll talk about application strategies, but for now, good luck with your applications!
That's it for today.
If you're ready, here's how I can help:
- Want to get started with your Web3 journey? Get the Web3 Jobs Course for FREE: Web3 Jobs Course
- Have any Web3-related challenges? Share in the comments and I'll be sure to tackle it in ways I can.
Ciao, for now.
- Phoenixx