50
Many friends stepped on many traps due to misoperations, resulting in serious property losses. What's more, the return to zero in the bull market is really horrible.
Today I will give you a few typical examples. I hope you can take a warning and avoid these traps.
The security level of the trading platform is too low
Some time ago, the assets of a friend's trading platform were stolen and suffered heavy losses. I asked about the security settings. There was only one option for email verification, and Google secondary verification and SMS verification were not added. The password may be leaked because the email password was consistent with the trading platform password, and the assets were directly taken away by hackers.
Many people disagree with these verification details. It is usually recommended that you set the security level to: SMS + email + Google secondary authentication, especially when transferring money, turn off all api functions.
For those who are just getting started, because they don’t have a deep understanding of wallets, it is easy to lose their private keys. It is better to put their assets on a large trading platform. The platform is similar to the various Internet platforms we use every day. Just remember the phone number. , It’s actually easy to get it back.
However, for security, a few more thresholds (email and Google secondary authentication) are still set up. At the same time, if possible, it is recommended that the mobile phone SMS verification code and the Google secondary authentication code use different mobile phones to prevent the mobile phone from being hijacked, and the SMS verification code and Google secondary authentication are leaked at the same time. Although it will be more troublesome for you to use this way, the cost of hacker stealing is also very high.
Improper storage of private keys and mnemonics
It is understood that a big V on the Internet lost tens of millions of dollars worth of Bitcoin because the mnemonic phrase was placed in the cloud note. It is more taboo for private keys or mnemonic phrases to touch the Internet.
If you want to use a wallet to save your assets, the easiest way is to find an unused mobile phone, download the wallet, write down the wallet address and mnemonic phrase, if you are worried about losing it, back up one more mnemonic phrase, and use the phone and transfer at the same time Don't forget the password, but the mnemonic cannot be known to anyone. If the mnemonic or private key is leaked, the assets will be lost.
The advantage of this is that if your mobile phone is broken or the transfer password is forgotten, there are two stored mnemonic words that can be restored. If the two mnemonic words are lost, there are also mobile phone and transfer passwords. If the phone is lost and the two mnemonics are gone, the assets will be completely gone.
For convenience, some friends directly send the private key or mnemonic phrase through WeChat and other channels. If the security of their mobile phone is not good, it is easy to leak the private key. Even if you want to send it, you must send it separately, such as only the middle paragraph. , The first and last few characters to inform the other party by telephone is also a more secure solution.
A friend made a mistake before and sent the mnemonic phrase directly to the group. Fortunately, an acquaintance saw it and transferred his assets in time and informed it, but the consequences would be very serious. Retrieving similar incidents will be very troublesome. Due to the particularity of digital assets, it is a little troublesome for relevant agencies to file a case, so it is better to prevent it before it happens.
Enter the phishing website and reveal the private key
This year, a lot of people airdrops are very cool, but there are many bad guys fishing, giving you a fake link, saying that the airdrop requires you to enter a mnemonic or private key, and then all the assets are lost. Use your wallet to play DeFi or other NFTs, etc. Please remember that the mnemonic private key is everything. If you give this to others, you are giving money to others. Even if you want to receive an airdrop, you don’t need the mnemonic and private key.
If it is a real airdrop, it is recommended to operate through a common mobile wallet. This has the advantage that many DeFi projects can be accessed through our common wallets (imtoken, METAMASK, etc.). Some links are reviewed by the wallet party. The possibility of being phished is very small, and there is no need to enter mnemonics and private keys, just verify that you are eligible.
If the commonly used wallet does not have this item, then I think you should be cautious about whether this airdrop is worthy, especially when he needs you to use the mnemonic private key, you have to be vigilant.
Fake
In some cases, it is found that a fake Token, such as the HT moving brick project, you can receive several times the value of HT as long as you hit the other party's wallet address with ETH, which is called moving bricks. In fact, this is false and true, you can indeed receive HT, but this is false, and it is not the HT we think.
When you find that you can’t make the payment late and find the customer service when you recharge, the customer service says that you have been cheated. This is fake, so sometimes we have to zoom in to see the corresponding contract address and the official announcement. Whether the contract addresses are the same.
Because it is too simple to send a project on the ether at present, a lot of fake products should be carefully compared with the contract address. Other situations are similar. There are many hot projects. Some people say that there are quotas that can be released in advance, but in fact, it may be fake.
The computer has been tampered with with a hacked address
Another situation is that when many of us operate, the address is copied and pasted, but sometimes our clipboard will be lost if it is hijacked and tampered with. Some friends lost more than 100 ETH because of this reason. , It's also a pity.
Therefore, when we transfer money, we must repeatedly confirm that the address is correct, even if you transfer by scanning the code, you must compare whether the target address is correct. Many times we inadvertently relax our vigilance, and the target address is tampered with, and we ran to someone else. Up.
summary
The above five situations are some pits that are easy to encounter in operation. These are some real examples. For the safety of your property, I hope everyone can be vigilant and not greedy for small and cheap, so as not to lose big because of small.
