Beware of Scams! Print
Modified on: Thu, 11 May, 2023 at 11:09 AM
Scams are an unfortunate reality of the crypto industry. The Polkadot community takes the matter of scam fighting and prevention very seriously. It is the first ecosystem with a dedicated and decentralized Anti-Scam Team that has taken great strides in protecting our community. However, you still need to be watchful and careful, and for this reason, we have compiled a guide on our wiki on how to protect yourself from scams, which we strongly recommend everyone to read.
TABLE OF CONTENTS
Keep and protect sensitive data
⛔️ READ THIS FIRST!
It is imperative that you store your mnemonic phrases only on paper, in a safe and secret location!
Never keep it on any electronic medium like the cloud, your computer, on a USB drive, etc.
An unauthorized third party can only access your funds if they have obtained your 12-word mnemonic phrase or your JSON file and password. That's why keeping this sensitive information away from any risk is really important. Here are some basic rules:
- Consider your mnemonic phrase as a backup in the event that you lose access to your wallet. It should be used only for that purpose and in trusted wallets you previously used. Check a list of official wallets or well-regarded tools by the community here.
- All your passwords should be strong and unique.
- Make sure your computer is not infected with any harmful software. The best way to keep your computer clean is to only visit safe websites and download things from trusted sources.
- Using hardware wallets (e.g., Polkadot Vault, Ledger) is recommended to protect your assets.
- Don't download browser extensions or add-ons from websites or sources you don't trust.
Install the Polkadot Extension
We highly recommend installing the Polkadot extension. You can find links to download it from the official stores in this article.
Together with a hard wallet (e.g., Ledger), the Polkadot extension is the best way to manage your accounts, as it has many advantages:
- It provides better security than using the Polkadot-JS UI directly.
- Your browser won't "forget" your accounts if its cookies are cleared.
- The extension recognizes all known Polkadot scams and alerts you when you access a phishing site. This will help you protect yourself and your funds.
ℹ️ INFO
In addition to the Polkadot extension, you will still need to use the Polkadot-JS UI to manage your accounts.
How to identify scams
⛔ READ THIS FIRST!
You should never share your mnemonic phrase with anyone or enter it on websites. If you do, consider that account as compromised and act on it as soon as possible.
You should be aware of the different strategies scammers use to try and trick users. Here we have listed some tips to help you identify these methods and how to avoid them. It's not an exhaustive list, so always follow the recommendations from the previous section to keep your mnemonic phrase and passwords safe.
And, most importantly, always think before you act!
- First and more important rule: Never share your mnemonic phrase or account password. Your mnemonic phrase, password, private keys, or other private information must never be shared with anyone or entered into a website.
- Scammers will also try to give you a sense of urgency to access "giveaways", "air-drops", or some "deal." They do it so you don't have time to think and act rationally. Take your time to think, analyze it, and check other sources. Again, never enter your mnemonic phrase to "claim" any rewards.
- Do not trust messages sent to you over social media. Admins or employees will never message you. Scammers will often imitate the usernames of community members to offer "deals" (sell assets at a discount, air-drops, etc.) or offer to "help" you.
- Do not enter your mnemonic phrase to "sync" your wallet or fix a problematic transaction.
- Like scammers might pretend to be someone else on social media, they can copy a website to trick you. It's important to be extra careful and check the website address (URL) multiple times to ensure it's official.
- Scammers might create fake blog posts, so double-check any new information by looking at an official source like Polkadot network's official blog, Polkadot Support, or official sources.
- Follow common sense, and remember the golden rule: If something is too good to be true, it's probably a scam.
If you think you have been a victim of a scammer or a hack, carefully read the following article:
What To Do If You Fell Victim to Scam or Hack
The above is the most basic security measures one should take to safeguard their accounts, but following this wiki article (also linked above) provides detailed advice on how to recognize and protect yourself from scams:
How to Protect Yourself from Scams
Did you find it helpful? Yes No
Send feedbackDisclaimer: We always strive to provide you with the best support we can and we take all care to ensure that our instructions are accurate and concise. However, following these instructions properly, as well as the general management of your accounts and funds, is ultimately your responsibility. Web3 Foundation cannot be held liable for any accidental loss of funds or any other damage you might incur.
