🚨 Safety Tip
This article will introduce common hacker phishing methods and how to set up security in web plug-in wallets and GMGN TG wallets to prevent theft.
In the dark forest world of blockchain, first keep in mind the following two major security rules:
Zero Trust: Simply put, it means to be skeptical, and always be skeptical of any platform, robot, plug-in wallet authorization signature, etc. that requires the input of a private key.
Continuous Security Validation: In order to trust something, you have to validate what you doubt, and make validating a habit.
Scams in TG:
1) Please remember that the official admins will not send you a private message first! Scammers pretend to be GMGN admins and send fraudulent messages to trick you out of your private keys or steal your TG account!
Common situation: You send a message in the group, and the scammer asks you to cooperate under the pretext of helping you solve the problem, which eventually leads to theft. Some scammers hide their user name and put the real admin's link in their bio, which is very confusing and can easily lead the victim to think the scammer is an official admin!
2) Do not click on any ads that appear above the GMGN bot! These are scammers who may steal your wallet! The GMGN official bot will never ask for your wallet's private key first!
3) Some token TG groups, and links sent by scammers, show a so-called "security verification". Please do not click it! Do not enter any of your account information, including mobile phone number, password, etc.!
4) The scammer clones the GMGN group into a fake group, pulls you into it, and posts a fraudulent link there to trick you out of your private key! Because there are a lot of robots in the group, it looks like there are a lot of people, and they copy the real group's messages, so the fake group can easily be mistaken for the official group. Please confirm whether it is the real group through the official GMGN Twitter: https://x.com/gmgnai
It is recommended that users check the "Do not allow anyone" option in "Privacy and Security - Groups and Channels". This will not allow anyone to add you to unfamiliar groups and channels, which can effectively prevent you from being pulled into fraudulent groups.
5) The scammer pretends to be an official Telegram admin and sends you a message. The scam words are as shown in the picture, and they guide you to click on the scam link. Please do not click it! Just report and block it!
6) DO NOT install the fake "GMGN" app listed on the App Store! It is a scam app! This is not the official version, and your wallet will be drained if you import your private key into that scam app. The official GMGN iOS app is currently under review by the App Store.
Scams in Web3 plugin wallets:
1) The most important safety principle in signature security is: what you see is what you sign. You therefore need to regularly check whether the wallet has authorized applications that you are not familiar with. Please enter the wallet to check the authorization list and cancel unknown authorizations!
Airdrop scam: The attackers airdropped NFTs to users in batches (Figure 1). Users entered the target website through the link in the description of the airdropped NFT and connected their wallets (Figure 2). After they clicked the "Mint" button on the page, the approval window popped up (Figure 3). Note that there was no special notification or message in the pop-up window at this time. Once they approved, all SOL in the wallet would be transferred away.
2) Unknown transfers: Sometimes you will receive small amounts of unknown transfers in your wallet. Most of them are related to advertisements or scams. Don't be curious. It will not affect the normal operation of your wallet. Don't worry too much.
Telegram Security Precautions:
1) It is recommended that users who are not so familiar with "TG Privacy and Security" apply the following settings, and especially remember to turn on the items marked in red in the picture, which can effectively ensure the security of your TG account.
Two-step verification: After it is turned on, even if a hacker gets your phone number and password, logging in on a new device still requires entering a separate password after the SMS verification code, fully ensuring security.
Phone number: Prevent hackers from directly obtaining your mobile phone number and sending you fraudulent text messages or carrying out other fraudulent activities.
Groups & channels: Item 4) under "Scams in TG" has a relevant example; this setting can effectively prevent you from being pulled into fraudulent groups.
2) Confirm whether your Telegram app is installed through the official channel
3) Check whether Telegram has authorized a strange fake bot to avoid the balance in the wallet being transferred by a fraud bot due to entering a mobile phone number or clicking a fraud link. It is recommended to verify the consistency through multiple GMGN official channels before making a transaction
Web3 plugin wallet:
1) Enter the web3 plug-in wallet to query the authorization list, cancel unknown authorization, and confirm that the authorized applications are the corresponding official applications
2) Turn on Auto-Lock timer to prevent others from seeing your private key when the device is away from you
1) If your device is an Android phone/Windows computer/non-iPad tablet, please be careful not to click on unknown links or download unknown applications to avoid Trojans or malicious programs in your phone/computer, and regularly use security software to check the device, eliminate viruses, and prevent risks
2) If your device is an Apple device, there are still some fraudulent apps in the app store and in test software that has not been officially launched. You need to be careful
3) Security principles:
For all the knowledge from the Internet, refer to at least two sources, corroborate each other, and always stay skeptical
Segregate. Don't put all the eggs in one basket
For wallets with important assets, don't do unnecessary updates
What you see is what you sign. You need to be aware of what you are signing, and of the expected result after the signed transaction is sent out. Don't do things that will make you regret afterwards
Pay attention to system security updates. Apply them as soon as they are available
Not downloading & installing programs recklessly can actually prevent most risks
Almost all Web3 users have had assets stolen in their web3 journey. We recommend that users whose funds have been stolen fill out the SlowMist Security Team's theft application form, which can track the hacker's address and try to recover the funds.
1) Stop loss first: Stop loss is about limiting your loss. It can be broken down into at least two phases:
The Immediate Action Phase. Act immediately! If you see hackers are transferring your assets, think no more. Just hurry up and transfer the remaining assets to a safe place. If you have experience in front running trades, just grab and run. Depending on the type of asset, if you can freeze your assets on the blockchain, do it as soon as possible; if you can do on-chain analysis and find your assets are transferred into a centralized exchange, you can contact their risk control department
The Post-Action Phase. Once the situation is stabilized, your focus should be on making sure there would not be secondary or tertiary attacks
2) Protect the scene: When you find that something is wrong, stay calm and take a deep breath. Do remember to protect the scene. Here are a few suggestions:
If the accident happens on a computer, server or other devices connected to the Internet, disconnect the network immediately while keeping the devices on with power supply
Unless you are capable of handling this by yourself, waiting for security professionals to step in for analysis is always the better choice
3) Analyze the causes
The purpose of analyzing the cause is to understand how the assets were stolen: private key theft/TG account theft/device hacking, etc.
For example, at least clarify the following points:
Summary 1: Who was involved, when did this happen, what has happened, and how much was the total loss?
Summary 2: The wallet addresses related to the loss, the wallet address of the hacker, the type of the coin, the quantity of the coin. It could be much clearer with the help of just a single table
4) Fill out the SlowMist Security Team Theft Application Form
It is recommended that users whose funds have been stolen fill out the SlowMist Security Team's theft application form, which will restrict hackers and related addresses from depositing and withdrawing funds from CEX, and track the hacker's address to try to recover the funds.
⚠️ GMGN's first purpose is security. There is no loophole that leads to the transfer of wallet balances; in case of theft, please check yourself against the situations listed above. GMGN does not perform any operations on the user's wallet, and we do not have the ability to transfer any user's wallet balance.