Author

Topic: You can avoid most scams by simply keeping your private key/seed to yourself (Read 188 times)

legendary
Activity: 1932
Merit: 2354
The Alliance Of Bitcointalk Translators - ENG>SPA
And we are not just talking about scams when we repeat the motto "not your keys, not your coins". It is about privacy too, now.

In Spain, for example, a new law is going to force custodial services, exchanges etc. to send all their customers' data to the IRS, and new regulations from the EU seem to follow the same way.
sr. member
Activity: 2436
Merit: 343
You gonna be thinking about why the site asks for your key or password which in the first place you don't have to open your wallet. From that point, you can also think of a scam attempt or hacking purposes.

This is very common in social media accounts, sometimes we click links that ask for login credentials. If we are too innocent about these tricks, we simply give these hackers access to control our accounts, the same thing happens to our crypto wallets.

* Don't click and ignore the links.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
An important part of your security is also blocking all pop-up messages in all your browsers. And as a consequence of this, the appearance of such windows should be a red flag.

Beginners are naive in that they know only one side of cryptocurrencies; that it is very easy to get rich here, and they are in no hurry to learn about the safe storage and use of wallets. Therefore, it is very easy to deceive them by promising a sudden profit in any of the pop-up windows.

But the golden rule for everyone is that before you create wallets and rush to invest anything in them, you need to fully master all the intricacies of safe handling of wallets.
hero member
Activity: 2520
Merit: 952
But i seriously doubt if anyone still fall for such trick.

If it were so, why do these scams popping up? Phishing is not a new thing.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.
Private keys, like it has the word "PRIVATE" first before the "Keys" are meant to be kept Private, just the same way we all cover ourselves so that other people can and will not be able to see our private parts even when they try to see it, like our d!ck and pnssy, so also are we all supposed to cover our private keys from preying eyes.

I met a guy who told me that he doesn't share even his wallet address with people he doesn't know in person, then I asked him, without you address, how then will i be able to send  some coins if i decide to gift you some?
He said he's just afraid that hackers might hack his wallet through his address.
Then i made him understand that hackers don't hack wallet through public wallet address but through private keys .
It is important that every newbie also know the difference between private keys and their public wallet address, so he or she dont one day make the mistake of giving out his or her private keys in place of the wallet address.

same thing also can be said about seed phrases as well, they are not meant to be shared with anyone, the only thing you share is your wallet's public address which acts as your account number if you liken your crypto wallet to your account in your local bank.
member
Activity: 994
Merit: 14
I have encountered series of these scam scheme where they ask you to enter your seed phrase, especially for air drop. Even as a newbie I knew that seed phrase should be kept private and safe and not be shared with anyone.

But i seriously doubt if anyone still fall for such trick.

And another thing, some people do not share their seed phrase with any one, but their wallet still get hacked. Why? Because they save their seed phrase on the internet.

Never save your seed phrase on notepad, your email, they could be hacked. Write you seed phrase on a jotter and keep far away.
 
legendary
Activity: 2408
Merit: 1102
Leading Crypto Sports Betting & Casino Platform
In the case of cryptocurrencies, the only assets we are protecting are the private key and the seed phrase. So, it's absolutely not a good idea to use them often and always check the popup when it asks us for a seed phrase.

I personally always store them off-net and I just use it every time I reset my hot wallet, if there's a strange site asking for the seed phrase, I'll just ignore them.
hero member
Activity: 2520
Merit: 952
...All this can be avoided when you choose a hardware wallet over a hot wallet..

How? Do hardware wallers not have seed phrase? Wallet type doesn't matter when one is being phished for seed phrase/pvk.

What you are describing doesn't look like a scam, more of a phishing or social engineering attack.

Well, any illegitimate attempt to part one with his money is scam in my eyes. Is phishing/social engineering not part of scammy ways?

You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.
No, this isn't enough that has a guarantee that you'll not scam.

Yeah well I never guaranteed anything — "...You can avoid most of such scam attempts... "
sr. member
Activity: 2506
Merit: 368
In addition not just keeping your private keys will help you to avoid scams because scammers nowadays are getting better at what they were doing. You should consider every possiblity that what they were doing might be a plot for you to scam e.g. phishing, doing reversible transaction, asking you to send crypto first, and many more. Although, this mostly the risk you should have to face when in crypto space but you can minimize those risk by simply finding the best and reputable people that you have to be dealing with your crypto.
legendary
Activity: 2492
Merit: 1232
You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.
No, this isn't enough that has a guarantee that you'll not scam.
If you remember back then 2018, the Electrum wallet server has been a leak and it was infected by identical phishing which when you open your Electrum app it will pop up the update link which content phishing link that directly uses a scammer wallet address and that incident stole estimated 200 Bitcoin.

You need more careful in handling your private key and properly using them, hardware wallets could be safer than other wallets.
It's very crucial if you will save them online, so it must always be offline and be vigilant always.
legendary
Activity: 3024
Merit: 2148
What you are describing doesn't look like a scam, more of a phishing or social engineering attack. Scams generally trick you into sending them money, because you think that it's a legitimate opportunity. So, things like tokens, NFT, DeFi, cloud mining are the most common and prelevant types of scams, while wallet security is more related to hacking and phishing. In Bitcoin there is no more important or less important threats to your coins, because there's zero chance of returning stolen coins, so you need to secure yourself from all dangers.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
All this can be avoided when you choose a hardware wallet over a hot wallet, you are always at the edge of any security bridge and a single crack will make you lose all you have.
It depends. Assuming you are only using a hardware wallet or any other but even very secure cold wallet, we should be careful of our online activities because some people can be scammed this way because they got hold of email of the victim. What if the person that become the victims was so novice to the extent that he got email phishing link that direct the person to a site that will demand for seed phrase, which should be avoided.
staff
Activity: 3304
Merit: 4115
Most noncustodial wallet always has a disclaimer as a footnote that you're responsible for the security of your wallet. You shouldn't even give your seed phrase to your closest person not to talk of some shady websites asking for your seed phrase. Anyone who has a legitimate transaction to do with you will never ask for your seed phrase.
Yeah, most require you to enter your seed these days to confirm as well, and it's clearly stated you shouldn't be sharing if with anyone else. I think we've done all we can in terms of hand holding. I do have sympathy for those that fall for this type of mistake, but at the end of the day they know they'll be controlling their money, and they should adhere to all the warnings. The only times which these warnings aren't present is with web wallets, which unfortunately is a problem since most new users will sort of gravitate towards them.
member
Activity: 499
Merit: 16
Most noncustodial wallet always has a disclaimer as a footnote that you're responsible for the security of your wallet. You shouldn't even give your seed phrase to your closest person not to talk of some shady websites asking for your seed phrase. Anyone who has a legitimate transaction to do with you will never ask for your seed phrase.
member
Activity: 546
Merit: 10
Your private key is the password that prevents other people from sending bitcoins from your address. the private key is meant to be known to you alone and whoever has the knowledge of this key can transfer and steal your funds. Securing your private keys will reduce the likelihood of compromise and the best way to secure your private key is to store them offline in a place not connected to the Internet. Avoid websites that ask for your private keys and never send this to anyone.
staff
Activity: 3304
Merit: 4115
There's no situation where you should be giving your private key or seed anyway. However, storing that isn't as simple as people might think. I do see a lot of users claiming they store it digitally, for me that isn't the best way to go about it, especially if that computer is or has been online, this includes USBs etc.

So, yeah I think this goes without saying for the majority of people. Software already warns you not to share your seed or private key with anyone. So, most people will be made aware of it.

hero member
Activity: 3136
Merit: 591
Leading Crypto Sports Betting & Casino Platform
It is like the victim is voluntarily going to hand out his private keys or seed phrases to that scammy website. I feel bad mostly for the newbie victims because this isn't just a crypto-related thing. This type of scam or phishing also happens in other industries like the banking industry where a link is being put to trick the victim into that they've done a transaction that was never authorized by the owner. So, this is the same as that and everyone just have to be aware of this tactic to avoid it.
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
There is recent rpc scam where user sees a popup (when using particular hijacked rpc) and asks user to go to scammy site to enter seed phrase.

You can read about it here: https://nitter.net/officer_cia/status/1542829400143568897

You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.

All this can be avoided when you choose a hardware wallet over a hot wallet, you are always at the edge of any security bridge and a single crack will make you lose all you have. Seed phrases are supposed to be cast on metal sheets, more often than not, a secure passphrase should be concatenated as an additional seed extension to secure it more appropriately.
Don't keep your coins on any exchange or third party centralized organization like lending, always remember that your keys are your coins, if you don't have them, just know that you have no authorization to them until you make a request for withdrawals.
legendary
Activity: 1456
Merit: 1108
Top-tier crypto casino and sportsbook
You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.
And by also not being in a hurry but taking time to read through pop ups before you click to follow any link. Most of these pop ups use words like "emergency", "urgency", words that put you under pressure and may make you not to delay or second check before taking a decision. Taking decisions in a hurry can be very risky and some may cost you a lot. If you are not sure of a pop up on your device, try to be humble enough to ask someone who has more knowledge than you rather than deciding to try it out on your own first.

Newbies also need to be told that they do not necessarily need to put any details on such a website for their details as much as their seed phrase to be stolen, just merely clicking the link and visiting the website is enough for hackers to introduce a malware that can steal your seed phrase if stored on your device by itself.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Never trust a website that you didn't know that will ask for your seed phrase. I always think that I should be careful with my seed phrase and never type/input my seed phrase in a site that I didn't know or get redirected to just like in op where the user is ask user to go to a website. When something like that happen where a user is ask to go to a website and ask for seed phrase then it is a scam site. I just hope that they will find a solution to fix this, it seems this is a big problem to polygon.
hero member
Activity: 2366
Merit: 594
You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.

Seed phrase is like pin of your atm card. The moment you give your seed phrase to someone, you don't own that wallet anymore and transfer all the assets on different wallet before the hacker steals it.

There are others that will say you win this huge amount from a particular giveaway then ask you to input your wallet's seed phrase on the website that they will give to claim your prize. I don't see why some people still fall for this type of scam. They don't even bother researching first if the website is even legit.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
The private key must be protected. The seed phrase must be protected because it can generate the private key. Even after some wallets warned users to keep it (the private key or seed phrase) safe, some people still do not, but got lured to input the seed phrase on a website, be it a secure or not a secure site, the website owner can see the seed phrase and use it to steal coins on the address generated by the seed phrase.

But some scam are funny but actually what is happening which people should totally avoid, this are direct scam in a way a scammer told the victim to send bitcoin to a certain address in order to receive double of the amount sent, like this one:

Scam from Google Form, Crypto Donate.

I still remember when I was not yet on this forum, trying to get some free bitcoin, I registered on a site that indicated bitcoin is mined for me, told me to pay half of the amount that was mined (fake mining). It was obviously a scam and such should be avoided, but though, may not be obvious to newbies.

Once people are not greedy, once they learn how to avoid scam and hack, they will be able to be on the safer side.
hero member
Activity: 2520
Merit: 952
There is recent rpc scam where user sees a popup (when using particular hijacked rpc) and asks user to go to scammy site to enter seed phrase.

You can read about it here: https://nitter.net/officer_cia/status/1542829400143568897

You can avoid most of such scam attempts by simply keeping your wallet's private key and seed phrase to yourself.
Jump to: