The Common Pitfalls Of DeFi & How You Can Keep Yourself Safer (Guest Article By WDWP #17)

Nov 20, 2022 | Guest Articles

If you’re just joining us, welcome! 2022 has been one long bear market for the macro environment. The downfall of many centralized entities has led to rallies for individuals to move away from centralized finance (CeFi) and into decentralized finance (DeFi). Unfortunately, many come into the crypto space wanting the freedom of DeFi but with the security and support of CeFi.

“Not your keys, not your crypto” is a phrase championing for self custody of your assets away from these centralized organizations. What many new investors are unaware of is that entering the world of DeFi for the first time is very similar to a sheep leaving its fenced off farmland, guarded by gray wolves and into the world of hungry black wolves, just waiting for the opportunity for some fresh meat.

The rest of this document is a guest article written by Wolf Den Wolf Pup (WDWP) #17, Malek, that will outline some common pitfalls of DeFi and hopefully after reading the article a couple of times and armed with the knowledge, will help to keep you just a tiny bit safer in the wild wild west that is DeFi. Enjoy!


Table of Contents

    Hate scams and falling for scams? Me too. Have you noticed scams are easier to fall for in a bear trend? I am assuming because people are hurting and trying to recover some of their losses. The decision to “click” is usually motivated by greed. 

    Scammers tend to use a very specific language when they are posting their scams. They know people are hurting, and use that to entice you to click on links. 

    Sometimes that’s all it takes for you to be the loser in this transaction.

    What Makes A Scam Stand Out?

    You have a lot better chance to identify scams when you know what to look for and how to spot a potential SCAM. Luckily all it takes is for one person to fall for it to be known in the crypto/NFT space. I am exposed to social media often due to my work, and am constantly finding new creative scams that people fall for. However, a lot of people don’t pay attention to this since they have less exposure to social media and the web3 community. This often results in the same scam being utilized over and over again and unfortunately, leading many people to fall for the same scam. In fact, you could be sharing a scam without even knowing it. Be cautious and very picky on what you want to share on your profile. 

    First you need to know where these scams usually happen. There are 3 main social media platforms (Twitter, Telegram, Discord, this does not mean you won’t find them on other platforms). These platforms are targeted mostly due to their crypto and NFT activity. They are some of the main platforms holding a lot of users for communication when it comes to cryptos and NFTs, making it a haven for scammers.

    More exposure = more potential targets.

    Less work = more scams being created.

    How Can You Avoid Falling Into Scams?

    You often see people on social media tell others “How easy it is to identify scams and how surprising how often people fall for them”. While it might be easy for some to identify the scams, assuming everyone has the same knowledge to identify them as well is kind of ignorant.

    How can we change this?

    If you see a scam, try and warn others of its existence. DO NOT SHARE LINKS, I usually screenshot and block the link before warning my communities about them. I don’t particularly think we can EVER remove scams from happening. There are always new ways to approach people, and some of those scams are very creative. The best thing you can do to protect yourself is to learn about them and educate others if you happen to fall in one. This is part of the reason why I create content like this. The more we can spread the knowledge, the more likely you can protect yourself and others from falling for these scams.

    There are just as many scams in the bear market as there are in the bull market, if not more. The approach a scammer takes is usually similar. They entice users with money or fake promises to make them participate. I have two rules that have protected me from getting scammed personally:

    1- If it’s too good to be true, it probably is not true.

    2- Never click any link from any social media platform.

    Platforms That Get Targeted:

    The main platforms that are targeted:

    Telegram

    Discord

    Twitter

    Facebook

    Reddit

    I will cover the main 3 in this article and Facebook and Reddit will be addressed in a future article.

    Telegram

    These scams usually target crypto users/investors. Most of them come from “Call Channels”. In most cases, at first glance, these channels look very promising. They have large audiences. The posts get a lot of views. The channel owners share screenshots of people “winning”.

    All that looks good, but here’s the thing: IT’S ALL FAKE and I’m going to prove it to you right now.

    PUMP calls are all scams. There is a difference between “signals” and “pumps” and even if there wasn’t, it’s still very unethical. What these channels usually do is buy a large number of fake bot accounts (they are dirt cheap, you can get 1000 accounts for as little as $10 and create a mass message & spread the bots across many channels).

    This is how these messages usually look like ⬇️

    Moderators of the channels are usually quick to remove these from their main chat if they are available & paying attention. A better solution is using a moderation bot such as Combot. You can set different commands to the bot to remove any channel being shared inside your community. Combot identifies these channels being shared and quickly and can ban the users and delete the message before anyone else sees it. There’s absolutely no need for members to be sharing channel names inside of a community. It increases the risk and is a security problem.

    Be sure to mention to your community and create rules where no one should be sharing channels publicly. Scammers are unfortunately getting smarter as well and often times they don’t use the “@” to post their channel which does not trigger the Combot. Some random user promising you 5x on trades is very fishy and most likely is a scam. People unfortunately keep falling for it because It looks “promising” so be very careful what channels you want to join.

    Example

    • The group seems to have a lot of followers (31k users).
      • Most of these are fake accounts. It is very cheap to buy telegram fake profiles. 
    • There are a lot of views on each message (7.8k views).
      • Does it matter how many views are on the post if they are all fake profiles? You and a small group of people might just be the only real account actually looking at it.
    • They share the links to make it easy for you to click and participate.
      • They are not trying to be helpful. They are just making it easier for you to click so they can scam and benefit from you.

    Here is what that specific pump from the channel above looks like:

    They launch a contract and a token and promote it as the “next pump”. Those green candles are what you are buying. The big red candles are what they are selling as you are buying. In a lot of cases the contract does not allow anyone to sell except for approved wallets. That is called a “honeypot” contract.

    Example

    Here is another one shared in the same channel encouraging users to buy by sharing a direct link to the chart and the buy link. As you can see it’s the same trend. Big green candles which are usually the buys from users and bots and then a large dump at the top. People who are chasing green candles and “I want to get rich quick” will usually participate in these type of pumps. Even if you do end up with profit, these are not real projects and have no future. You can equate it to gambling with your money and in most cases, it’s your loss with no gain.

    If this is what you want, then you are the only one responsible for your decisions. I just gave you multiple reasons why I don’t personally participate in any “pump” groups, regardless of the users count, or the fake “testimonials” they share.

    Example Of “Testimonials”


    If you pay close attention you’ll see why these are fake testimonials. Here are two different groups with a large number of users. They are literally the same messages cropped so you can’t see the name. 

    Same testimonials. Same message. Different audiences.

    Some random person sharing screenshots are not testimonials. 

    These are just a few examples of many scams that happen on telegram. I personally do not follow the crowd. So when I see something like this being shared, I know to stay away from it. This includes all the DMs from random users. Sometimes these bots will type your name as if it’s a personal message & share with you AMA groups, call channels, new projects etc.

    DO NOT CLICK ANY LINKS. You won’t be doing yourself a favor and would be only increasing your chances of getting scammed. Scammers don’t have any dignity. Protect yourself by setting up some rules to follow. Assume everyone is trying to scam you and you will most likely stay protected. 

    DISCORD

    This is another platform scammers love to use. This is a little different from telegram. In most cases on telegram you lose what you invest. In discord there’s a different approach since its mainly about NFTs. 

    The number one rule to remember: DO NOT CONNECT YOUR WALLET TO RANDOM WEBSITES SHARED ON DISCORD. You would be putting all of your assets as risk. If you happen to connect to a website that you are unsure of, you can always go back and revoke all connections to the website including the contracts. This is comprised of two different steps.

    1. You can un-connect your wallet from approving the website on the wallet settings.
    2. If you approved a contract, then you would have to revoke the contract.

    You can revoke contracts on multiple different sites. I often use beefy finance for BSC (https://allowance.beefy.finance/) and Revoke.cash for ETH (https://revoke.cash/). I urge you to google both and research before using them. You can also revoke any ETH contract on Ethereum Scan Token Approval website (https://etherscan.io/tokenapprovalchecker) or BSC contract on BSC Scan (https://bscscan.com/tokenapprovalchecker).

    The best way to protect yourself on Discord is by turning off your private messages. I personally don’t see any reason why someone would need to DM me privately in discord. If it’s a DM, I am going to assume it is a scam. 

    Turn off your messages on discord by following these steps:

    Step 1: Go to your profile

    Step 2: Go to Privacy and Safety

    Step 3: Check the “Keep me safe” & Turn off the “Allow direct messages from server members” picture for reference

    Let’s look at some of those DMs that they send. Remember, you won’t have to deal with all of this if you follow the instructions above and turn off your private messages. However, if for any reason you get a DM, you can still protect yourself by not clicking any links and joining these channels. Do others a favor and report all messages like these that you may receive as scam.

    FREE NFT: These scams are very popular and surprisingly people are eager to click. An NFT is only worth something if its a legit project with

    a legit community. These channels usually have a large following. But just like the telegram channels, most are bots and not real users. Also keep in mind that an “active channel” does not mean it’s real humans. In fact a lot of those projects end up purchasing a service such as “Chatter”. Chatter is a service that you hire and they send real users to chat inside the community. However they do it because it’s a service they provide & offer. So even though 

    the users might be real, the project could still be a scam. 

    Enticing users with “FREE NFT” works really well. Most inexperienced users are chasing to go “to the moon” and in most cases, they do not evaluate their risks, which ends up harming them in the end. 

    You might say “What’s the harm in getting a free NFT drop?” Here’s the problem: once you connect your wallet and approve the contract, you put your entire wallet and all assets connected to that wallet at risk. Approving a contract could give the contract access to your wallet & assets. This is where the trouble begins but it doesn’t end there. Your wallet is not unusable. If you try and send anything to your wallet, it will be taken out. 

    I do my best NOT TO participate in any new mints. However, if I do, I do not use my main wallet. You can always create a spoof wallet and send ONLY the amount you need to mint with. If it turns out to be a scam, then you will only lose what you sent to the wallet, and you wouldn’t have to sacrifice your entire assets & collections.


    Another popular scam on discord are “Signals” channels. Just like in Telegram, in most cases those are contracts created with one intention in mind. The risk is always there. Do yourself a favor and avoid these Channels. I have yet to meet anyone who participated in any “Signal Groups” and came out a winner. There are some that can be verified. But I promise you these channels are not marketing in your DMs. There are some great courses out there that show you how to trade if that’s something you’re interested in. However there is no shortcut. If you really want to learn how to trade, research some of those courses and see if it’s something you would be interested in. 

    Once you have learned how to trade, you won’t need to chase “Signals” & PUMPS. This is mainly the problem. Most people that fall into scams are very uninformed and usually just trying to get rich quick. I promise you, while there are some chances that you could hit jackpot, it’s not going to be from any of those channels. If it’s too good to be true it is probably because it is not true. No shortcuts. Immerse yourself into learning about crypto, NFTs & web3, and you will make much better decisions. 

    Don’t fall into any of these fake promises from random users you don’t know. 

    Again here, if they promise you “profit” instead of “knowledge” then it is something you probably want to avoid. You will notice that after a while, these accounts that send you all these groups are no longer in existence. You will not be able to hold anyone accountable for your actions and your decisions. There is no “Crypto Police” to call. It is your responsibility to keep yourself and your assets safe. This trend of “clicking” everything can get you in deep trouble. Put your curiosity to where it matters. Be curious to learn rather than seeing what those channels are about.

    Twitter

    Every scammer bot’s favorite platform. What is unfortunate is that Twitter seems to have not found the solution or have done nothing to stop these bots. Therefore you need to be aware of those scams and not rely on Twitter to protect you. It is very easy to identify real and fake accounts if you know what you are looking for. Before I share a few of those scams with you, here are some ways you can find out if an account you’re interacting with is real or fake:

    • They have an inactive twitter. You will notice that they only “reshare” and comment under posts. Usually their comments are either hashtags of a project they’re promoting, or a link to click on. They don’t often create their own posts, and when they do, it’s random and there’s no consistency in the message they are sharing on twitter. 
    • They share a lot of suspicious links. You can see all their comments on other posts by clicking on “Tweets & Replies” . This section will show you all the comments they’ve created. 
    • They use expensive NFT PFPs (like BAYC) but have little to no followers.
    • They share screenshots of expensive NFTs and ask you to like, and retweet for a chance to win. If you scroll down their profile, you will see them doing 3-4 a week giving away very expensive NFTs. Once they have a large following and high engagement from these activities, they change their account name and picture to a project and fool people into clicking the link since they are “following” them the user often thinks it’s a project they have followed previously.

    These are things you should always watch out for. But to quickly sum it up.

    1. No one wants to give you free BTC
    2. No one wants to give you a 30k NFT
    3. No one wants to give you FREE money. 

    Don’t be blinded by greed. Focus on being apart of great communities and learn throughout your journey the proper way. You would be surprised how much improvement you’ll have if you just focus on education and learning rather than just chasing “the next big thing”.

    Here is a popular trend lately. It’s easy to target gamblers. Their risk tolerance is higher than the average user. There are a ton of scam websites being promoted recently targeting gamblers. This here is an example.

    I did not click the website link, and I encourage you not to either. But i will show you how I see these accounts. 

    1- They’re promising you free money to start playing.

    Assume that the company has thousands of users. You think it’s profitable to give each user a $500 dollar bonus when their entire following is 3000 users? If it were a big reputable company like a known gambling website, the bonus to start playing is usually given in currency you can only use in the game. Making a bold promise to give $500 bonus to each player is a big red flag for me. Common sense really.

    2- Their bio has grammar mistakes.

    Assuming that this is their official account, you would think that they double check their grammar.

    3- Scrolling down their feed you’ll notice that they get a lot of likes and retweets but hardly any comments.

    This is because it is cheaper & easier to pay bots for likes and retweets. Comments on the other hand, it needs to be set manually. Meaning if they want

    1000 comments they would either ALL have the same comment (which looks fishy of its own), or they would need to customize 1000 messages for 1000 bots to make the comments look legit. They don’t usually take that route because it requires a lot of time to set up and those guys usually want “in and out” to scam as many people as they can at once. 

    AVOID TRYING TO VISIT THE SITE.

    Another scam usually looks like this. “Thank me later” is a big red flag. It doesn’t take much to identify the account as a bot or a scammer. 

    They are using a very expensive PFP (BAYC), and have 1 follower. That is another red flag for me knowing that the BAYC community is very exclusive and very active on each other’s accounts. Plus most are OGs that have been around for a long time and you can clearly tell that this account was just recently created and has little to no engagement on their posts and only a few posts they created.

    Bot accounts are limited to what they can do. Most bots accounts have just a few functions. Only “Retweeting” posts makes me believe that the account is most likely fake. Another red flag is they do is comment under posts & usually only use hashtags. You can check their activity just by scanning their profile. Use common sense and if something doesn’t look right then you are probably onto something.

    There are the steps I personally take to identify accounts as legit:

    • They post relevant topics, and interact with the users in the comments.
    • They post consistently and have a lot of content on their page.
    • When visiting “Tweets & replies” their replies under others posts are relevant to the topic of the post itself

    If they don’t fit the characteristics above, this tells me that the account is most likely fake. I would be very cautious interacting with these accounts, and never click any of the links they share. One mistake could cost you a lot of assets. 

    Be careful from falling into “airdrops” scams. 

    1Inch is one of the most reputable DEXs on multiple chains they don’t do any airdrops. So if you see anything similar to this scam avoid at all costs. Notice that i am not even interested in opening the DM, or seeing what the tagged post is about. Don’t let your curiosity puts you at risk. ALWAYS DOUBLE CHECK THE URL. The best way to be sure of the website you are visiting is through Coinmarketcap.com and coingecko.com. Visit their website and search the project you are looking for. You will find all their socials available on these websites. Be sure to check the details of the project (like price, market cap etc) this will help you identify the real projects and avoid any scams. Unfortunately there are many scam projects that get listed on these websites too. So make sure you are visiting the right project by verifying the contract, price, market cap, Etc. 

    One look at the profile and it is very clear that it’s fake. This is why you should NEVER get trigger happy and start clicking on links without verifying the users. 

    • The user name is randomly generated. 
    • The follower count does not make sense knowing how popular 1inch is.
    • There are no tweets & its not being followed by anyone I know

    Influencers & Promoters

    Be careful from influencer and promoters accounts and what they promote. Whether you are a crypto investor or a project looking to collaborate for exposure. You need to understand how these accounts work. 

    This account has almost 1m followers, yet their engagement rate is below 1%.

    That tells me they use a lot of bots for engagement to make their promotions look attractive. These guys will promote anything as long as you are paying. The end result? Promoting a lot of scams.

    Guess who ends up buying these scams? People who chase hype. Even when it’s manipulated, you’d be surprised how many people fall for influencers.

    This had been a very popular topic after the bull run ended. People were chasing the next thing, and the next thing. At the end of the day most of those “influencers” are not real. A picture of a person doesn’t mean they are who they claim to be. Unless they have verified themselves on videos, then there’s a big possibility you are just falling for scammers, not influencers.

    You won’t be able to hold other people responsible for your actions & decisions. The best practice is to do your own research. Maybe you see your favorite influencer promoting a project, that’s fine as long as you do your part and do the research yourself.

    Often projects choose to collaborate with these influencers for some of the reasons you see above. Instead of having your own marketing team, it’s easier to just hire someone thats willing to give you all the marketing you need. 

    But here’s how I look at it: If you need to advertise your services in this manner, to me it’s one of two things:

    1- Your service is not wanted for whatever reasons, and you are desperate to make a sale.

    2- Scammer.

    In both cases the losing party is YOU. Not them. It does not cost much for them to buy a  bunch of fake likes and comments, but you are most likely paying top dollar for these fake services. 

    Don’t cheat your customers. 

    Don’t cheat yourself. 

    Be ethical in everything you do and build your name and project slowly. 

    This is what my DMs look like. I assure you there’s less than 1% of the entire folder that is legit.

    Are you going to take a 1% chance on yourself and your project? I don’t and wouldn’t. 

    I don’t think I can fit all the available scams on one document. Everyday there are newer and more creative ways coming out to scam users. Hopefully now armed with this information you can better protect yourself. Set yourself up with rules to follow and use common sense & don’t go “trigger happy” with links, especially from people you do not know. 

    Stay safe and good luck.

    More Resources

    Check out Malek’s TG group where he frequently drops valuable pieces and content like this.

    TG- https://t.me/web3heroes

    Your subscription could not be saved. Please try again.
    Your subscription has been successful.

    Guardian Academy "Force Multipliers"

    Enter your best email below to get the full set of trainings, syllabus and resources sent directly to your inbox:

    DISCLAIMER: These articles are for educational purposes only. Nothing in this article should be construed as financial advice or a recommendation to buy or sell any sort of security or investment. Consult with a professional financial adviser before making any financial decisions. Investing in general and options trading especially is risky and has the potential for one to lose most or all of their initial investment.