The rise in crypto frauds may have chilled the minds of dozens of global enthusiasts hoping to shine in the promising digital currency space. But is this going to be a permanent concern? Or is there a way to safely navigate the market without becoming a sitting duck for scammers?
Although the threats are real and participants are unlikely to escape an attack, especially those involving high security vulnerabilities, some frauds could be avoided by taking basic precautions.
Experts believe that simple safety measures could go a long way in avoiding the risks.
Why is the threat real?
London-based blockchain analytics firm Elliptic estimated that the DeFi-based NFT industry lost $12 billion in frauds, which include price manipulation, money laundering, etc., in 2021.
In many cases, hackers used a bug or flaws in the DeFi protocol to steal crypto assets, said the Elliptic study titled “NFT Report 2022”, published on August 26.
In an August 4 tweet, the Solana blockchain revealed that a “malicious actor” was responsible for the massive thefts from its wallets. The tweet read, “An exploit allowed a malicious actor to drain funds” from thousands of Solana wallets, including the Slope and Phantom wallets. This affected 7,767 wallets.
Commenting on crypto frauds, Vijay Pravin Maharajan, Founder and CEO of bitsCrunch, a German blockchain analytics company, said that the responsibility to protect NFT wallets lies with the users (buyers and sellers). However, some aspects of responsibility also lie with the market.
Here are five things to keep in mind in the crypto market:
Use a secure wallet: Maharajan advised people to opt for a non-custodial wallet to store funds or to access products. A non-custodial wallet allows you to maintain control of your credentials and assets instead of handing over this responsibility to a third party.
But you can use a custodial wallet if the service provider is a reputable organization. However, he warned that custodial wallets could be hacked more easily than non-custodial wallets.
Unlike custodial wallets, non-custodial wallets do not store private keys, which are unique characters that determine your ownership of assets, including NFTs. Binance, BitMex, and Coinbase are some examples of custodial wallets. Noncustodial wallets include Electrum, Exodus, and Ledger Nano X.
Do not store sensitive data online: Maharajan advised people to keep a digital copy of crucial data to prevent it from falling into the wrong hands. He instructed them to save login credentials and other critical details in a physical space that only they could access.
Be vigilant about wallet activity: Keep track of your wallet and the blockchain activity of the respective NFT developer. “While these strategies can serve as a safety net, the fact remains that blockchain users need to be constantly vigilant about their assets and accounts,” Maharajan added.
Check audited smart contracts: Elliptic researchers advised people to check whether DeFi protocols audited smart contracts. Indeed, hackers usually exploit a DeFi NFT protocol by finding vulnerabilities in the smart contract. Therefore, it is also worth checking whether the smart contract audit vulnerabilities have been fixed.
Look for suspicious developers: You should check if a DeFi protocol has been developed by an anonymous developer without proven technical capabilities. If you can’t find conclusive evidence, then stay away from this protocol. You should also watch out for centralized DeFi projects, which only have a few private keys from the developers, as they might pull off a mat scam.
Developer operational readiness: Sometimes hackers can expose faulty smart contract code, but you need to check if the DeFi protocol fixed the problem. Elliptic researchers also advised people to check whether the NFT developer shows an overall level of operational security in their public discussions. This will help you determine if they may be the target of social engineering attacks.