Scams are an unfortunate reality of the crypto industry. The Polkadot community takes the matter of scam fighting and prevention very seriously. It is the first ecosystem with a dedicated and decentralized Anti-Scam Team that has taken great strides in protecting our community. However, you still need to be watchful and careful, and for this reason, we have compiled a guide on our wiki on how to protect yourself from scams, which we strongly recommend everyone to read. 


TABLE OF CONTENTS

Keep and protect sensitive data


⛔️ READ THIS FIRST!

It is imperative that you store your mnemonic phrases only on paper, in a safe and secret location!

Never keep it on any electronic medium like the cloud, your computer, on a USB drive, etc.


An unauthorized third party can only access your funds if they have obtained your 12-word mnemonic phrase or your JSON file and password. That's why keeping this sensitive information away from any risk is really important. Here are some basic rules:

  • Consider your mnemonic phrase as a backup in the event that you lose access to your wallet. It should be used only for that purpose and in trusted wallets you previously used. Check a list of official wallets or well-regarded tools by the community here.
  • All your passwords should be strong and unique. We recommend using a good password manager.
  • Make sure your computer is not infected with any harmful software. The best way to keep your computer clean is to only visit safe websites and download things from trusted sources.
  • Using hardware wallets (e.g., Polkadot Vault or Ledger) is recommended to protect your assets.
  • Don't download browser extensions or add-ons from websites or sources you don't trust.

Install a Wallet Extension for Polkadot


We highly recommend any of the wallet extensions listed here. Please only use the official links to download them.


Together with a hardware wallet (e.g., Ledger), a compatible extension is the best way to manage your accounts, as it has many advantages:

  • It provides better security than using web apps directly.
  • Your browser won't "forget" your accounts if its cookies are cleared.
  • All these extensions recognize all known Polkadot scams and alert you when you access a phishing site. This will help you protect yourself and your funds.

How to identify scams


⛔ READ THIS FIRST!

You should never share your mnemonic phrase with anyone or enter it on websites. If you do, consider that account compromised and act on it as soon as possible.


You should be aware of the different strategies scammers use to try and trick users. Here we have listed some tips to help you identify these methods and how to avoid them. It's not an exhaustive list, so always follow the recommendations from the previous section to keep your mnemonic phrase and passwords safe. 


And, most importantly, always think before you act! 

  • First and more important rule: Never share your mnemonic phrase or account password. Your mnemonic phrase, password, JSON backup file, private key, or other private information must never be shared with anyone or entered on website.
  • Scammers will also try to give you a sense of urgency to access "giveaways", "air-drops", or some "deal." They do it so you don't have time to think and act rationally. Take your time to think, analyse it, and check other sources. Again, never enter your mnemonic phrase to "claim" any rewards.
  • Do not trust messages sent to you over social media. Admins or employees will never message you. Scammers will often imitate the usernames of community members to offer "deals" (sell assets at a discount, air-drops, etc.) or "help" to you.
  • Do not enter your mnemonic phrase to "sync" your wallet or rectify a problematic transaction.
  • Like scammers might pretend to be someone else on social media, they can copy a website to trick you. It's important to be extra careful and check the website address (URL) multiple times to ensure it's official.
  • Scammers might create fake blog posts, so double-check any new information by looking at an official source like Polkadot network's official blog, Polkadot Support, or official sources.
  • Follow common sense, and remember the golden rule: If something is too good to be true, it's probably a scam.


If you think you have been a victim of a scammer or a hack, carefully read the following article:

What To Do If You Fell Victim to Scam or Hack


The above is the most basic security measures one should take to safeguard their accounts, but following this wiki article (also linked above) provides detailed advice on how to recognize and protect yourself from scams:

How to Protect Yourself from Scams