Today I bring you a topic that several of us who are in Telegram communities, use Twitter networks or use websites that interact with sensitive data or resources are aware of.
If we talk about scammers on the Internet we have material to put together an extensive book. But today I want to focus on one type of scammer in particular.
The impersonators of profiles or communities are a particular breed that is already being studied and that, fortunately, many quickly identify.
They are generally lazy, they usually don’t try very hard to investigate what they are impersonating, so it is quite common for them to make mistakes that expose them.
They are desperate to be able to scam you as fast as possible, so an unusual insistence should turn on a red light.
And the most obvious thing is that they always end up asking you for money (directly or indirectly) when the person or community they are impersonating shouldn’t.
As I mentioned, many of us who have spent time on platforms, spaces and online communities are somewhat force-trained (it is something that is dealt with every day) and even so, there are times when we fall, but there are people who are beginning to integrate into these tools and end up being susceptible to these types of scams, which are often not so obvious.
I am going to bring you a recent example in one of the communities of my Powabit project:
The scammer creates a user or group by changing a letter (so that the name is accepted), but that letter looks almost identical to another, so at first glance it seems legitimate.
In this particular case he uses the old trick of the uppercase i (I) which looks the same as a lowercase l. For which at first glance it seems to be the official name.
This is very common and you should always check the names in a text/code editor, use a font that differentiates all the letters and remove the styles from the text. For example, I usually have a code editor like Atom open, I copy and paste the texts there and identify inconsistencies.
Another recent and similar situation was when I did the 150 BUSD raffle on my twitter, a scammer tried to impersonate one of the winners, exactly copying his profile and using the “l = I” trick.
I also remember when a friend was scammed, stealing his funds from his wallet that cost him so much to get, in a fairly common situation: Support groups.
Generally in these groups you are warned about the fact that no official member is going to contact you privately and ask for some kind of sensitive information. But scammers are fast and sometimes organized.
In this case, the guy had a problem with a transaction which had been stalled in his Atomic wallet. He turned to a support group of his wallet to seek help, automatically as soon as he joined it, he is contacted by an account posing as official support of the wallet (with a convincing name and image), formally requesting him to tell him about the problem he has and after a little circus, he sends him to a scam web to access his account and “unlock” the funds. That scam web, asked for the seed phrase (which the wallets warn us NEVER to share with anyone or anything). What happened afterwards we can imagine, his wallet completely emptied.
Another very common case that I have seen quite often (and they have also tried it with us recently) and is the impersonalization of websites (this is called Web Phishing). A very common flank of attack in what is DeFi are launchpad platforms such as PinkSale, DxSale. To which surely they have already gone through the impersonation of their respective “l”, but they do not stop there, there are several special characters that can be registered in possible domain names or groups of characters that can be read very similar to the originals. Unfortunately, dixlexics have to make a great effort and take the time to review this type of thing 2 or 3 times.
As well as these cases there are hundreds of others that appear every day. Fighting them is the joint work of administrators alerting their communities and members reporting new cases that appear.
I am going to leave some basic tips that in my opinion can help new members of platforms and communities to be more attentive and identify these criminals.
The tortoise beats the rabbit:
Sometimes we want to go fast and we feel good when we start to familiarize ourselves with the tools and be able to do things much more agile than when we started. But this point, although it can save us time, when we are interacting with financial assets, it is better to review things 2, 3 or more times (it never hurts). Since when do we copy a link, a wallet delivery address, a user’s nickname, among others.
Official websites, the index:
Generally in most large projects or communities there is an official website or channel which provides links to all networks and official members. If you were contacted privately in a mysterious way, go to the official media and compare.
Sometimes we think that Google is going to keep us safe (and it tries quite well), but it is not without its problems in its search results. Sometimes phishing takes place in paid advertisements that masquerade as what you are originally looking for. This is something that Google’s security filter seeks to mitigate, but can sometimes fail.
The classic express scammer:
I have already mentioned at the beginning of the post some classic characteristics about scammers who start “fishing” for victims, they usually write badly (or they do not write in the correct language), they are rarely incisive (sense of urgency) and most importantly, they go to ask for money or to interact with an application that has to do with your wallet. Sometimes the scam can be more elaborate and these points do not apply or are not so obvious, but it does not hurt to take it into account.
Surely there will be a second part to detail some more questions on this particular topic and later I want to talk about security aspects to take into account in dapps.