This guide draws on extensive internet experience to provide you with effective strategies to safeguard your digital presence. It's essential to proceed cautiously, especially in communications that could expose you to risks, and to place your trust only in individuals and entities that have established their reliability over time within the community.
🧵2/13 I can assert with confidence that most data and digital asset theft is due to users' lack of caution. There are no complex or bizarre methods for stealing your information; rather, exploitation often occurs precisely where you pay it least attention or deem it too trivial to worry about.
Digital Entry Points 🧵3/13
In the digital world, entry points can create opportunities for attackers to exploit misplaced user trust. Opportunists aim to use this trust to access your data and assets in various ways. Recognizing when to trust people or messages that seem official can prevent many security threats.Haste and Neglect in Decision-Making 🧵4/13
Rapid, unreflective responses to links, tools, transactions, and interactions can lead to significant mistakes that opportunists are waiting to exploit. In the digital world, taking a moment to fully evaluate the situation before taking action can significantly enhance the security of your data and assets.Failure to Use Trusted Tools and Software 🧵5/13
Especially in the Web 3 world, where wallets play a critical role, there are numerous methods by which your digital wallet and signature could be forged, allowing unauthorized access to your assets from your phone or computer. It simply requires that you or your system grant them access.
How Do Opportunists Breach Your System and Data? 🧵6/13
Identifying strengths and weaknesses.
Many people think data theft must involve some elaborate act, but paying attention to your relationships, conversations, correspondences, and everyday interactions often reveals the key issues.
No intrusion can occur without your permission. As an expert in this field, I can assure you that no unauthorized access is possible without either automatic or manual permission from you. Therefore, your data is only stolen when you have permitted it.
You might wonder, how does one inadvertently give permission for data theft? In my view, you shouldn't look for a complex reason because the explanation is quite simple! Simply trusting and corresponding with confidence with an opportunist grants the largest "permission" for them to proceed further.
Opportunists try to exploit your strengths, so naturally, someone who compliments you will likely make you feel good, and we all enjoy discussing and hearing more about our abilities and skills; this is a method by which opportunists begin by flattering you, marking the first step towards initiating a scam.
Flattering and offering unsolicited assistance.🧵7/13
Another method involves identifying your vulnerabilities. For example, in the Web 3 world, and particularly in communities that may require support, opportunists seek to discover problems. After identifying these issues, they approach users with offers to resolve these existing or potential problems, using names and IDs from official (but fake) projects to start correspondence with you. This situation becomes appealing, and you generally engage in correspondence to resolve your issues, thus opening another door for opportunists.
🧵8/10 My suggestion regarding social behaviors is straightforward: do not trust anyone and do not correspond with them unless they meet the following criteria:
They should be well-known and community-verified.
They should have a clear and traceable activity history.
They should have a credible circle of friends; for instance, if no other recognized individuals follow them, you should be skeptical.
The content they produce, their resume, and all their activities should generally be relevant to the area stated in their profile.
What topics do opportunists typically discuss? 🧵9/13
Many are quite cunning, using the traits of a benevolent and reputable person. They are psychological manipulators, but do not be afraid! By understanding the circumstances and acting cautiously, you can detect these issues and prevent potential high-risk situations.
Such individuals usually message you offering help or promoting something. They start the message with praise, or if you are facing a problem, they begin discussing the issue in such a way as to suggest they want to help you—exactly like a very close friend!!! Be skeptical of them; not everyone is your friend.
Suggestions for collaboration or employment often come in the form of messages stating that your work is excellent, and they wish to collaborate with you in their team or company, sometimes even offering a proposed fee for your work. However, the main issue arises when, after some time to get your confirmation, you are asked to register on a site, or you are asked to run a software or program and see the result to provide your opinion about it. At this moment, you should be skeptical!!! No company director, no developer with good intentions will ask you to install a file or program! Technically, when browsers and software execute a program, link, or code, they can easily run part of the encrypted codes on the processing unit of your computer's CPU and in the background, search for your important information, especially key details from your wallet. Therefore, be skeptical of all such requests.
Technical and Safety Recommendations 🧵10/13:
Use secure browsers like Chrome, Firefox, or Brave on any operating system or device. Ensure no extension is running unless it has been verified by the community. Remember, as helpful as extensions can be, they can be equally destructive!
In the Web 3 world, the wallet is the most important option. I strongly recommend keeping your significant assets in a hardware wallet. For everyday tasks and transactions, although MetaMask is a good option, I recommend Rabby Wallet. This wallet offers interesting security options and provides you with information before you confirm anything, helping you understand the security conditions under which a confirmation is being made, usually alerting you to safe, suspicious, and risky situations.
Use more security and safety tools, like Wallet Guard, which checks all security-related matters before running an extension or your wallet and informs you if there is a potential problem.
Wallet Guard 🧵11/13
Before any transaction, purchase, sale, transfer, etc., check the destination wallet address, verify its history, and usually, in Farcaster and strong networks, you can receive and review more details based on the wallet. Protocols and algorithms such as OpenRank can be suitable options in this regard (for the FC environment).
Use tools to identify potential Exploits; these tools help ensure that access and authentication have been verified. You can check the signatures to ensure that you do not give access to other potential issues except for the things you are sure of.
For this purpose, I recommend using the tool revoke.sh.
Tap Strategy 🧵12/13
Many other recommendations have been mentioned, but one of the best pieces of advice is to use the TAP strategy proposed by 6529. This is the best way to prevent phishing attacks.
1/ On TAP
Tap, tap, tap, tap, tap, tap, tap, tap, tap, tap.
Three (T) Address (A) Protocol (P)
The way to *never* have your grail NFTs phished is to religiously TAP.
It is super-easy to do, you should all do it.
There is NO excuse not to do it! NONE!
2,095
This strategy, recommended by the NFT community, involves three key stages:
Three (T): Use three different addresses for various activities in the NFT world:
Minting Address: For creating NFTs, which only holds a small amount of Ethereum to pay transaction fees.
Transaction Address: For carrying out daily transactions and buying and selling NFTs.
Vault Address: For long-term storage of NFTs you do not intend to sell. This address should never be connected to any online service.
Address (A): Separate addresses to manage risk and reduce the likelihood of unauthorized access to all your assets.
Protocol (P): Strictly adhere to security protocols during transactions and NFT creations.
This method is simple, and there should be no excuse not to use it. Implementing TAP can nearly eliminate all phishing attacks.
How to Use TAP 🧵13/13:
Minting Address: Only keep the necessary amount of Ethereum for creating NFTs. Never use this address for other transactions.
Transaction Address: This address is for buying, selling, and everyday transactions. Ensure that only the necessary amount of currency is available in this address.
Vault Address: This address should be used for long-term storage of NFTs. Avoid connecting this address to any online platform to ensure its security.
By following these methods, you can significantly enhance the security of your digital assets against many common threats, ensuring peace of mind regarding the safety of your valuable assets.
🧵/13 Empirical and Suggestive Guide to Staying Safe in Web 3 This guide draws on extensive internet experience to provide you with effective strategies to safeguard your digital presence. It's essential to proceed cautiously, especially in communications that could expose you to risks, and to place your trust only in individuals and entities that have established their reliability over time within the community.
🧵2/13 I can assert with confidence that most data and digital asset theft is due to users' lack of caution. There are no complex or bizarre methods for stealing your information; rather, exploitation often occurs precisely where you pay it least attention or deem it too trivial to worry about.
Digital Entry Points 🧵3/13 In the digital world, entry points can create opportunities for attackers to exploit misplaced user trust. Opportunists aim to use this trust to access your data and assets in various ways. Recognizing when to trust people or messages that seem official can prevent many security threats.
Haste and Neglect in Decision-Making 🧵4/13 Rapid, unreflective responses to links, tools, transactions, and interactions can lead to significant mistakes that opportunists are waiting to exploit. In the digital world, taking a moment to fully evaluate the situation before taking action can significantly enhance the security of your data and assets.
Great thread! 100 $degen
🫶 Pelin.
I hope everyone reads it
Useful thread 🔥
256 $DEGEN
thanks🔥 🔥
This should be promoted by the platform 🙌🏼 amazing article @compez.eth 128 $degen
Victor! 🔥
🎩$Degen Tips are now officially on the Degen Chain🎩 Check your Tip activity in the Tip Explorer👇 https://tipexplorer.lum0x.com/cast-detail/0x91f415d5b8ef7e558f4a485e5e4af505648edd79
Tysm for putting this together 🙏
Cool guide mate Safety first!!
128 $DEGEN
thanks mate
Very important topic! Thanks for the suggestions!! I m trying to be cautious
🤍🤍
128 $DEGEN🫶
Such an important thread mate! I got scammed via weth 2 years ago. So everyone should read threads like this carefully. Thanks for sharing✨
Thanks for sharing useful information🌹