How not to fall for airdrop scams
Despite the abundance of scams, airdrops remain relevant and are widely practiced by various DeFi platforms. There are a number of protocols still without a native token, which points to the likelihood of many future distributions of ‘air coins’.
In pursuit of easy money, scammers employ increasingly sophisticated tactics. As a result victims of airdrop scams are not only inexperienced newcomers but sometimes seasoned market participants.
- Airdrops are free token distributions among selected users of cryptocurrency platforms. This is a common tactic in the blockchain industry aimed at attracting attention to projects.
- Unscrupulous market participants weaponise hype around a recovering crypto market. By organizing pseudo-distributions of tokens, they create fake websites and accounts of well-known personalities, almost indistinguishable from the real ones.
- In the hope of obtaining seed phrase, some market participants connect to scam sites and even reveal their seed phrase, without considering the consequences.
What are airdrop scams?
The rapid development of new protocols and the DeFi sector as a whole has naturally produced a vast number of fake airdrops. The scammer-promoted pseudo-distributions target FOMO among novice crypto investors and the contents of their Web3-wallets.
Fake sites can look almost indistinguishable from the originals, and projects can be promoted by seemingly real influencers. Therefore many market participants approve all wallet interactions demanded of them without thinking, and some even reveal seed phrases. The result is usually the same: the user loses all their digital assets, handing them over to the scammer.
«Permissions are typically used by decentralized applications to access and move tokens on your behalf. Even legitimate DeFi protocols may request access to an unlimited number of tokens to minimise the need for repeated approvals […]. But once you grant a malicious site access to unlimited permissions, you are effectively giving it the right to take your tokens», — noted CoinGecko analyst Joel Agbo.
Beyond the fake sites promoted on social media, investors may suddenly find new tokens of unknown origin in their wallets.
To determine where the coins came from, market participants turn to blockchain explorers. But they return an error message with the address of a third-party site, supposedly to visit in order to obtain the ‘air-dropped’ crypto assets.
«A user can be duped by phishing into entering a secret phrase on a website, after which scammers gain control over the entire wallet», — described by MetaMask analysts.
According to them, another scenario could be more “sophisticated”.
«You go to claim your tokens, a confirmation prompt pops up in MetaMask. You approve the transaction, not realising that you are granting the site permission to receive coins», — explained the researchers.
Examples of airdrop scams
Recently the Celestia conducted an airdrop of TIA tokens. Against the backdrop of the distribution, a multitude of fake accounts spread information about a “last chance” to obtain the coveted coins.
In the screenshot below is shown an example of an artfully copied Celestia profile on X. The descriptors differ only: calestiatoken (fake) vs CelestiaOrg (original).
In this case, potential investors are lured by false promises. Users have ‘only 24 hours’ to post Ethereum addresses in the comments and subsequently promote the scam resource via reposts.
Thanks to the viral spread, the account gains a targeted audience, thus taking the first step toward the scam’s success. The 1200 addresses listed in the post may receive some amount of TIA tokens, but to do so they will need to connect to the fraudulent site.
Scammers can also imitate popular social-media users, for example by copying information from their X profiles.
If you look closely, there is also another difference: the fake profile picture is framed by a circle, while the real one is hexagonal.
The fake account also posted a tweet with a link that resembles the site controlled by the original profile — eansrdrop.io, which is hard to tell apart from the real one (earndrop.io).
Unlike the original site, where registered users must paste their addresses to receive distributions, the fake resource immediately requests a wallet connection. And, according to Olimpio, after this the scam platform scans networks and identifies tokens.
Experts emphasise that such phishing schemes affect even experienced investors.
Highly sophisticated actors have been exploiting & attacking Earndrop and Olimpio for months.
Meanwhile, hundreds of users were (unfortunately) drained. Punks, ETH, USDC.
Here I share what we’ve been doing, what they do in retaliation, and how as a user you can protect yourself pic.twitter.com/MfeIpx6RCx
— olimpio (@OlimpioCrypto) October 31, 2023
Many projects offer investors a way to check their rights to receive an airdrop by connecting their wallet on a dedicated page. In turn, scammers create fake sites with similar names:
For example, the screenshot above shows two links to proceed to the ‘claim’ of the Celestia project’s coins. Beginners prone to hasty decisions may turn to a fake site, which will then offer to connect a wallet or request the seed phrase.
Airdrop fraud also thrives in the non-fungible token segment.
«If you notice suspicious objects in the NFT tab of your Web3 wallet that you did not purchase and that look more like ads than digital art, informing that you can get a drop by clicking their website link, do not do this. Better not to interact with such tokens at all, hide them or add them to your ‘Suspicious NFT’ portfolio», — the MetaMask experts advised.
How not to fall for an airdrop scam?
Cryptocurrency projects typically do not keep future airdrop information secret. After all, their aim is broad adoption of the proposed solution, user onboarding and community development. Each significant distribution is usually accompanied by substantial information on the official site and on social media.
Therefore, before taking advantage of another opportunity to obtain coins ‘out of the air’, spend a little time studying the distribution criteria. It is also prudent to seek reviews from other users who have interacted with the protocol.
Always prioritise official sources. Use platforms only after carefully verifying the links.
New projects typically distribute coins to early followers of the protocols — those who engaged in swaps, used cross-chain bridges and contributed liquidity to pools on still-new platforms. But be highly sceptical of campaigns that require you to transfer crypto assets just before claiming tokens.
Thoroughly study the projects. The groundwork will help you choose a suitable risk-management strategy and decide whether to interact with the protocol at all.
Re-check links against official sources. The intended audience of airdrop scammers is novices who make hurried decisions. Fake-site links contain typos that are easy to miss. You should also verify the individuals promoting the distribution — whether they are who they claim to be.
Any ‘airdrop’ that asks you to reveal private keys or seed phrases is an outright scam. Such information should be known only to you and kept offline.
If claiming a token found in your wallet is accompanied by an error message and an invitation to visit a third-party site — that is almost certainly a scam.
In an interview with ForkLog, the head of analytics and research at HAPI Labs, Mark Letsyuk, explained how not to fall for scammers. Here are a few quotes:
- Always re-check links to CoinGecko and CoinMarketCap. Phishing sites rarely pass those checks. If a scam pops up on CoinGecko, that is more of an exception to the rule;
- If a well-known project such as Linea or LayerZero distributes an expected airdrop, all major media — The Block, Decrypt, Cointelegraph, CoinDesk, ForkLog and Incrypted — will report it within eight minutes;
- If you were contacted via direct message or email about a distribution, why would they be chasing you to shower you with coins? Those days are long gone — five years ago you might expect tokens to be handed out to everyone. Nowadays it is usually retro-drops, and coins are distributed for activity — for using an application and/or network. If you do not know the platform, have not used it and are being asked to claim an airdrop, think twice. Projects do not chase after anyone to hand out coins;
- Even if an airdrop seems legitimate, but you are asked to make a payment — this is likely also a scam;
- If you are asked to connect a wallet somewhere and claim tokens, you should definitely check the site. It must be the project’s official site or a linked resource. Otherwise the probability of a scam is close to 100%;
- If you are offered an airdrop in a dubious community — a Telegram group or Discord channel you barely recall how you joined — there is a possibility the distribution is real, but the odds are small. Always verify via the project’s official site whether such a community exists;
- If you are already asked to claim on a site, before signing transactions to grant rights to a smart contract to interact with your wallet, stop and examine the contract address. Copy and paste it into Etherscan. If a well-known project is distributing an airdrop, the blockchain explorer will likely tag the address as the official smart contract for user airdrop claims.
Conclusions
Even seasoned crypto investors can fall prey to airdrop scams, as it is sometimes hard to distinguish genuine projects from fraudulent ones — sites and links can resemble each other almost identically.
Before taking part in a given distribution, market participants should carefully study the relevant information, relying primarily on official sources.
Sometimes the value of the tokens obtained is so small that it barely covers the gas costs spent interacting with the smart contract. If the project is obscure or, worse, suspicious, investors should question whether the risk is justified.
Рассылки ForkLog: держите руку на пульсе биткоин-индустрии!