Common victims of scam or phishing website over the internet are the beginners in crypto. There's a lot of bad people nowadays are taking advantages to our newbies.
There's a lot of people that first impressions on crypto are scam/fraud or full of scammers, they are wrong, it's on how they use crypto or how they treat it. Even how powerful technology nowadays, we still need to think twice, we need to ask questions if there are any suspected things you saw on the internet.
To avoid these kinds of scam or phishing, we need to learn and explore things. We should know basic securities of surfing into the internet.
Look at this chart by
Google, every year, Phishing sites are increasing. (
This data is for general Phishing sites, not only for crypto)
1. Bookmark your crypto sites.
Use those bookmarks and only those. Don't type in the addresses by hand.
2. Do not trust random URLs.
Do not trust communications, addresses, or URLs sent via private message. Always verify information with a secondary source.
Don’t click any link related to anything crypto, money, banking, or services like Dropbox / Google Drive / Gmail in any email ever.
And if the scammy clickbait was simply too irresistible for you, don’t enter any information on the page.
Never enter your private keys, passwords, or sensitive data on a website that you were sent via message.
3. Turn on 2FA for everything.
Go do it. Right now. Quit your excuses. Choose Google Authenticator over Authy. Don't use your phone number. Then, make sure your phone number is NOT tied to your Google account (look in privacy settings). Turns out, you and your BFF Mr. Hacker can "recover" access to your account via that number, completely destroying the point of 2FA.
PS: MyCrypto is client-side, meaning 2FA won't do anything in our case. 2FA is for ensuring the security of your password on a server.
PSS: Don't forget to cold store your backup words for these 2FA things. It's a huge pain when your phone goes for a swim and your entire life is 2FA'd.
4. Always verify that the site you landed on is legit.
Especially if you are about to enter your private key or download an application. What is legit? A service that people have used for a decent period of time with good results. If the URL has been registered in the last week or the site "just launched," err on the side of caution and avoid it for a while.
5. Lastly: Use your brain.
Think for a moment. Don't assume—ask. Don't blindly follow—question. If something doesn't seem right, if you feel like the luckiest person on Earth, or if you find yourself pondering, "I wonder why I haven't seen this on Reddit yet," there is likely a reason.
These are the list of browser extension/websites that you can use to prevent these kind of danger browsing the internet: 1. Metamask- Browser Extension This extension is also an ethereum wallet, but this extension can help you to detect a scam/phishing websites by just installing this in to your Google Chrome/Mozilla browser. MetaMask is an extension for accessing Ethereum enabled distributed applications, or "Dapps" in your browser!
Mozilla Add-ons
I tried to use Metamask extension in Google Chrome and visited a Phishing Website and look at what is the result!
2. https://www.etherscamdb.info/scamsYou can use this website to report or check every website involved in crypto. An easy-to-use report function helps us identifying all the current scams so we can add them to the database.
Link for reporting suspected scam/phishing website: https://www.etherscamdb.info/report3. EtherAddressLookup Chrome Extension 
Most common uses:
- Linkify Ethereum Addresses
- Block you from malicious domains
- History Checker
- Twitter Trust Badges
There's also "Bookmark your favourite domains" and "Custom RPC node", but I haven't tried that. For more info and detailed descriptions visit their
website. The last three features given above are really helpful,
I can say based on experience.
1.
Block you from malicious domains : They have a record of blacklisted domains and if you visited one, you'll see this:
2.
History Checker : You can check your browser history anytime (last 500 only), this helps in checking if you've visited a site before that has been recently blacklisted. Just go click "More Settings" in your EAL Extension and you'll see all the details there / perform the action.
<image here> check the quoted post
3.
Twitter Trust Badges : They are providing 3 types of badges in twitter. I'm seeing this, but I chose to provide the info and images they have provided [source here >
Twitter Badges]
a. Verified/Whitelisted : This means CryptoInfluencers or EtherScamDB have whitelisted your Twitter ID.
b. Blacklisted : This means the account is an imposter or tweeting in way to scam or phish users of their funds.
If you want to report a domain via EAL - you'll be redirected to etherscamdb too.
Also thanks to
riritsurya1202
This browser add-on is the most effective security and compliance solution for protecting your personal identity across every channel including the web, email, cloud, team collaboration and social media.
How the visual indicator works:✔️ Green Shield = Safe
✔️ Black Shield = Unknown so proceed with caution
✔️ Warning Page = Dangerous
Thanks to
whotookmycrypto for this.
5.Malwarebytes Browser Extension This kind of extension is more likely the same with Metamask/EtherAddressLookup extensions. Creator of this extension has also software for anti-malware. This extension is also good for preventing to access some websites contains malware, link for mozilla add-ons
add-ons
This is where Malwarebytes Browser Extension can help you:Protection from tech support scammers: Blocks browser hijackers, and browser lockers, which are used by scammers to drive victims to call centers that use scare tactics to sell expensive technical support (that you don’t need).
Read more here:
https://blog.malwarebytes.com/malwarebytes-news/betas/2018/07/introducing-malwarebytes-browser-extension/5.Brave Browser - Mobile and Desktop Here comes one of the best project of crypto, created by the Basic Attention Token(BAT). This is quality browser, not only for desktop but they already have on
Android and
IOS. This kind of browser is also the best for Adblocker, such as different ads about crypto, which some are lead to a phishing website or scam websites. If you hate ads, then this browser is good for you and bonus you can get rewarded for browsing.☺
♦Browse up to 3x faster
♦Block ads & trackers that follow you around
♦Get rewarded for browsing
Read more here:
https://brave.com/features/
How to report suspected phishing website?You can use the Report Phishing Page of Google
Link:
https://safebrowsing.google.com/safebrowsing/report_phish/Or if you discovered phishing website about crypto, you can use EtherScamDB
Link:
https://www.etherscamdb.info/report6.Email Phishing (Be aware) As what I experienced before, I get randoms emails from some email address (most are imposter of exchnages).
Be aware of those emails that include a phishing link that includes a link contains phishing site.
Like this:
Image: https://www.hackthissite.org/forums/viewtopic.php?f=38&t=14605&sid=3141f06f1b909e702c2821d34ec91ebeAnd:
Image: https://media.kasperskydaily.com/wp-content/uploads/sites/92/2015/03/06041121/facebook-phishing-example-en.pngAs you can see, it contains suspicious email as seen by the image.
(most of that kinds of emails can be found on your spam folder of your email)
Just always check every link given to you by e-mail.
Do you have more information or tips about phishing/scam websites? feel free to post it below. Let's help our newbies to be free of scammers/hackers in the cryptoworld..
