Autonomous security awareness: Protect ownership and control of on-chain assets
The blockchain concept is now being gradually understood by more people, but at the same time, the decentralized nature also provides opportunities for criminals. đŁđ¨Recently, a series of incidents occurred in the Qitmeer community where user assets were lost, which once again reminds us of the need to strengthen the security protection of crypto assets.
According to Qitmeerâs recent statistics, there have been five asset security incidents in the Qitmeer community since the second half of 2023. These events resulted in a total loss of approximately 28,000 USDT, including 9,942 USDT and 89,528 MEER. It is worth noting that one of these cases was caused by acquaintances stealing the private key of the mnemonic word, while the remaining four were fraudulent acts by criminals posing as community management identities to send phishing links.
These incidents have had a certain impact on the reputation of the Qitmeer community. In order to prevent the recurrence of similar incidents, the Qitmeer community will further strengthen safety education and hold safety education activities from time to time to improve usersâ awareness of prevention.
â ď¸Here, we once again remind Qitmeer users and friends that we should keep in mind a principle: whoever owns the private key of the wallet has ownership and control of the assets on the chain. A high level of vigilance should always be exercised when dealing with asset security issues. Asset security is an important aspect that any organization or individual should take seriously, regardless of its size.
Secondly, in order to better protect the safety of personal assets, we should actively participate in various asset safety activities to improve their safety awareness. It is important to understand common scams and prevention measures, and you can increase your own prevention ability by participating in community sharing and learning from othersâ prevention experiences and techniques. Through mutual assistance and cooperation, we can work together to prevent and reduce the occurrence of property crimes. In addition, we can also actively participate in publicity and education activities, spread asset safety knowledge through social media and other channels, and raise the publicâs attention to asset safety.
Common fraud methods
đâđ¨Here are some common scams used when crypto assets are stolen. Letâs take a look at how criminals use the psychology of users to achieve their purposes:
Impersonating official personnel
Criminals are good at lurking in various communities, when users in the community feedback and asset-related questions, fake community administrators will take the initiative to chat privately with users to help answer the questions. They often use a variety of words to make users anxious and seize the userâs fear of asset problems. Even though the user names are only a fraction of the difference, such as: I and L, 1 and I and similar word tricks, the user in the anxious mood can not be carefully discernable. Finally, under the induction of the fake administrator, the wallet private key is handed over or the user is guided to transfer the asset to the specified address, resulting in fraud and asset damage.
Fake official website
Fake websites are criminals who use technical means to copy the interface of the projectâs official website, which is often called a âphishing websiteâ. They usually also use the above text tricks to replace the letters of the official website address to make it difficult to distinguish, make users mistakenly believe that they are a legitimate official website, then put the fake website into various tutorials and send them out in the community or during private chats with people.
Because the interface is exactly the same, users will habitually interact and authorize the fake website, without realizing it, the private key of the wallet has been stolen by the person behind the fake website. Whatâs more, methods such as website ranking optimization will be used to improve the visibility and ranking of the website in search engines, thereby attracting more traffic and potential customers, making it difficult for users to guard against it.
False reward activities
Criminals often design fake reward campaigns, which may be spread via social media, email or instant messaging. Scammers will spread false claims that you have won a large sum of money or an exciting special reward, but only if you provide the private key or mnemonic phrase of your personal wallet. Remember, the official program will not ask you to provide this private information to claim your rewards. If you are asked to provide your private key or mnemonic phrase to receive a reward, be wary as this is a scam.
Fake links and applications
Criminals often use forged links or applications to lure users into downloading and using them, aiming to steal their sensitive information. This type of attack usually appears by masquerading as an official channel, such as a fake Metamask wallet or TokenPocket wallet, and providing a fake download link. To protect their assets, we strongly recommend that users obtain applications only from officially trusted sources and be sure to verify the authenticity of the link.
Official Verification Channel
đKeeping alert and learning how to verify the identity of the other party is an important means to prevent the fraud of criminals. Through the verification channel provided on our official website, we can more securely verify the source of information and avoid becoming a victim of fraudulent assets.
ăThe official verification channel supports verifying the authenticity of multiple sources of information, including website links, email addresses, phone numbers, wechat ids, Twitter accounts, Discord ids, or Telegram ids.ă
Please use only the official verification channel: https://qitmeer.io/#/verification
Here is a simple procedure for verifying Telegram ids in the verification channel:
Risk safety tips
đŤWe must always keep in mind the safety of our assets. Here are some tips to help you protect your crypto assets:
Treat information from strangers with caution:
Especially when it comes to personal and financial information, protecting your privacy and security is always of the utmost importance.
Be wary of trusting relatives and friends:
In the management of digital assets, we can not trust anyone too much, including relatives and friends. In order to avoid possible risks, we should be careful not to show the mnemonic private key to others in any form.
Any official managers take the initiative to chat privately:
Official managers will use formal channels, such as official websites, social media accounts or public events, to communicate and exchange with the public. Media information sources or official management identity information can be verified through official verification channels, and beware of possible fake verification channels.
Use a hardware wallet or offline wallet:
These wallets are generally considered a more secure option because they store private keys in an offline device, reducing the risk of being hacked.
Be careful with phishing links and phishing emails:
Criminals often obtain usersâ private key information by sending phishing links or emails. We should be alert to this type of fraud and not click on untrusted links or open suspicious emails.
Choose exchanges and wallet platforms carefully:
Choose exchanges and wallet platforms with high credibility and good security for trading and storing assets, and avoid using unknown or unreliable platforms.
Back up and keep your mnemonics and private keys:
Make sure you back up your mnemonics and private keys in a safe place and avoid disclosing them to others.
Make sure you get your App from official channels:
Official channels usually mean official media or app stores, such as the Apple App Store or Google Play Store. These channels are strictly audited to ensure the safety and legality of the application.
Vigilance against authorization:
In the digital asset space, vigilance against authorization is very important, and we should exercise caution in contract authorization operations and take precautions to minimize risk.
Beware of fake tutorials embedding Trojan viruses:
Especially when downloading and installing software, browsing the web, some criminals will provide tutorials or other ways to implant Trojan viruses into our devices, in order to obtain our personal information or control our devices.
In short, protecting the safety of assets is a problem that everyone should attach great importance to. We should always be vigilant, raise our safety awareness, and not easily believe the promises of others. At the same time, we also need to strengthen our security awareness and skills to avoid becoming victims of online fraud. If you notice any suspicious activity or receive suspicious links, please stop clicking immediately, and at special times, you should be vigilant to ensure the safety of our assets.
đşLet us work together to maintain the safety and stability of the Qitmeer community. We believe that only in a safe and secure environment can we better achieve our goals and values. Letâs work together to protect our assets and build a safe and stable Qitmeer community.
