
User safety

ktorn edited this page Apr 25, 2023 · 39 revisions

This page collects resources and guidelines for avoiding scammers and common scam tactics. Currently an unbelievable number of scams pop up every day in the cryptosphere. Stay safe! If you come across a scam, help others and consider reporting it. See the reporting section.

General:

  • Teia will very rarely reach out to users by mail. Currently the only official, trusted e-mail address used by the Teia community for official mail is info@teia.art
  • If someone contacts you about possible art commissions or copyright accusations, be very cautious.
  • Don't open attachments if you are not sure they are trustworthy; ask other members for assistance if you get suspicious messages.
  • If you use Windows, make sure your machine displays the file type, and know which file types are dangerous.
  • If you are unsure, try to research a bit and ask community members for assistance.

In Discord:

  • Turn Off DMs in servers in your server settings to avoid DM scams.
  • Do not click on suspicious links, especially in DMs and in Email.
  • Do not download or open files sent to you by strangers.
  • We have also seen people from our server with seemingly legit Discord profiles send malware to other members. Before opening files, it is best to ask around or carefully check whether the person is trustworthy.
  • If you are being harassed, please inform the Mods.
  • Keep up to date with the #⛔scam-discussions and warn others about suspicious activity.
  • Discord Captcha Bot, Arcane Bot and Ticket Tool Bot have been compromised. If you have used these in any server, please immediately revoke access to it by going to: User Settings > Authorized Apps and remove these Bots. Teia server previously used Captcha Bot, but no longer does so. Please make sure to remove access in your settings. Each user should disable the permissions in their account.

Your Wallet:

  • Never share your seedphrase with anyone. Hide it and keep it safe. Some malware gives scammers access to your clipboard, so it is safer to keep the seedphrase stored offline and type it into the PC instead of copy-pasting it.
  • Never share your screen or QR Code for your wallet with anyone.
  • Check and double check the wallet website links you are accessing.
  • Check and double check any transactions that come through your wallet before you sign them. Make sure it is what you are expecting.
  • Only sync your wallet to sites that you trust. Best practice: double check the URLs of your favorite tools and marketplaces and save them in your bookmarks to avoid imposter websites. You can find a list of trusted community tools and trusted Teia/Hicetnunc mirrors on our wiki.

Social Media:

  • Be cautious of unsolicited DMs, and do not click on suspicious links.
  • Report suspicious activity immediately.
  • If you are being harassed by someone in this Discord on another platform, please inform the Mods.
  • If you ask for help on twitter with a crypto problem or with your wallet, you will get 'helpful' suggestions to join a 'support' discord for the app, or a link to an instagram account. These will mostly be fraudulent and scam accounts.
  • If you come across a suspected copyminter, please collect evidence and report in Discord.

Common scam tactics

For all of these, you are safest to ignore them (and report their tweet etc.) and warn others on the #⛔scam-discussions in our Discord. If files are sent, delete them. If links are given, DO NOT click. If they send an email, delete it and don’t respond.


Fake Art commission

“I want you to make art for my daughter/aunt/wife”

or

"We are an international smartphone company and want to start a NFT project, we really like your art want you to do a few paid artworks for us in our style"

They will send you a link or file to view their sketches.

This is an attempt to get your computer infected with malware to get your seed phrase or other access to your wallet.

example:

[image: Fake commission message!]

[image: reptile]

Copyright Infringement notice

“You have violated copyrights and posted work partially copied from our studio concept, which was published in February 2021.”

[image: copyright]

Many variations; some say ‘chief copyright officer from’ fx(hash) or objktdotcom or hicetnunc.
They will send you a link or file to show proof of your violation.

This is an attempt to get malware onto your computer, to get your pass phrase or other access to your wallet.
You probably know already if you really violated someone’s copyright.


Fake Giveaways

“you are the winner of a BTC giveaway”

No. You’re not. (via Discord DM or friend request)

example:

[image: Bitcoin giveaway scam message!]

or

$APE coin drop

Some are definitely fake, possibly all. Check very carefully before entering into any coin drop.

Here are my keys!

This is basically the reverse of the classic "I trick you into giving me your seedphrase to help me": here the scammer gives you their private keys and asks you for help (as an expert). But in order to do anything with the given wallet, you first need to send funds in to pay for gas (yes, this is mostly ETH wallets), which then get drained quickly by the scammer.

See this article about this scam scheme on cryptoadventure.com

Examples:

[image: btc]

[image: keyscam]

Send us Crypto!

“send us BTC / ETH etc and whatever you send we will send you double”

No. They will keep what you sent. Usually via YouTube videos with faked versions of Vitalik/Musk/other supposedly important influencers.

Tech support

“you asked for technical advice/support with your wallet etc. xxx will help you, see their Instagram”

They will scam you (not sure how this works)

or

“you asked for technical advice/support with your wallet etc.”

Likely you are about to be socially engineered out of your seed phrase (NEVER give anyone your seed phrase, ever). Please remember that if you asked a question on our Discord, no one from the team will use direct messages to get in touch with you. All user questions will be answered directly in the open channels.

example:

[image: ETH]

or:

Here we can see a scammer posing as "wise" from the objktcom team. NOTE: user support on both Teia and objktcom only happens in Discord channels and no community manager will approach you via DM!

[image: imposter]

or

“your wallet was hacked, you lost 200 Bored Apes or all your crypto, xxx on Instagram can help you get at least 90% back”

They will scam you (not sure how this works)


Disguised Malware/Virus

Scammers often disguise file formats. By default, Windows doesn't necessarily show file extensions (like the ".pdf" in "myfirstnovel.pdf"; the file gets displayed as "myfirstnovel"). Scammers use this to name their malware something like "myfirstnovel.pdf.pif", which Windows might show as "myfirstnovel.pdf" even though it is an executable malware program.

Article on how to show file extensions in Windows 10/11 at thewindowsclub.com

Most commonly seen are .exe, .scr, .pif and MS Office docs with macros. It is generally safe to open ZIP and RAR archives, but these file compression formats may contain the other dangerous types. Be vigilant.

example:

[image: File extension scam!]
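A small file name check for the trick described above, as an added example (not part of the original wiki page): it judges a file by its last extension, flags a decoy extension placed in front of it, and lists risky names inside a ZIP without extracting anything. The decoy list, the macro-enabled Office extensions and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

EXECUTABLE = {".exe", ".scr", ".pif"}        # types named on this page
MACRO_OFFICE = {".docm", ".xlsm", ".pptm"}   # macro-enabled Office formats
# Assumed list of harmless-looking extensions used as a decoy.
DECOY = {".pdf", ".jpg", ".jpeg", ".png", ".gif", ".txt", ".doc", ".docx"}


def check_name(name):
    """Return warnings for one file name, judged by its last (real) extension."""
    base = PurePosixPath(name.replace("\\", "/")).name
    parts = [p.strip().lower() for p in base.split(".")]
    if len(parts) < 2:
        return []
    real = "." + parts[-1]
    warnings = []
    if real in EXECUTABLE:
        warnings.append(f"{real} is an executable program")
    elif real in MACRO_OFFICE:
        warnings.append(f"{real} is an Office document that can carry macros")
    if warnings and len(parts) >= 3 and "." + parts[-2] in DECOY:
        shown = base[: base.rfind(".")].rstrip()
        warnings.append(f"disguised: appears as '{shown}' when extensions are hidden")
    return warnings


def check_zip(data):
    """List risky member names inside a ZIP without extracting anything."""
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        found = {n: check_name(n) for n in archive.namelist()}
    return {n: w for n, w in found.items() if w}


def make_sample_zip():
    """Constructed sample: empty files whose names mimic the lure described above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for n in ("sketches/reference.jpg", "sketches/brief.pdf.scr", "terms.docm"):
            archive.writestr(n, b"")
    return buf.getvalue()


if __name__ == "__main__":
    for n in ("myfirstnovel.pdf", "myfirstnovel.pdf.pif"):
        print(n, "->", check_name(n) or "no warning")
    print(check_zip(make_sample_zip()))
```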


The similar Domain scam

Sometimes scammers buy domains that are similar to legit domains and buy Google ads to make them appear at the very top of the Google search results. This was a huge thing around summer 2021 with kukai: scammers bought domains like kukkai.app, walletkukai.com, etc. People who used Google to access the wallet website thought they had reached the real wallet site and synced with, or gave away their seed phrase to, the imposter sites.

Again, the best practice here and in general is to bookmark the legit site and to use Google search very carefully when looking for any site that you want to sync/access your wallet from. Google especially is very prone to such schemes. Adblockers and Google alternatives like DuckDuckGo can reduce that risk, but of course not eliminate it completely.

example:

[image: kukaiu]
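One way to automate the spelling check on a link before you open it, as an added example (not part of the original wiki page): compare the link's host name with the domains you have bookmarked and flag near misses such as kukkai.app or walletkukai.com. The TRUSTED list and the distance limits are assumptions; fill the list from your own bookmarks.

```python
from urllib.parse import urlsplit

# Assumption: domains copied from your own bookmarks; edit to match yours.
TRUSTED = ("kukai.app", "teia.art")


def edit_distance(a, b):
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_url(url):
    """Classify a URL as 'trusted', 'lookalike of <domain>' or 'unknown'."""
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").rstrip(".")
    # Exact bookmarked domain or one of its subdomains.
    if any(host == good or host.endswith("." + good) for good in TRUSTED):
        return "trusted"
    labels = host.split(".")
    for good in TRUSTED:
        brand = good.split(".")[0]
        limit = 1 if len(brand) <= 4 else 2   # short names get a tighter limit
        # Look at every label except the TLD, so "kukai.app.example.com" is caught too.
        for label in labels[:-1] or labels:
            if brand in label or edit_distance(label, brand) <= limit:
                return f"lookalike of {good}"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample links; the misspellings are the ones quoted on this page.
    for link in ("https://wallet.kukai.app/", "kukkai.app", "walletkukai.com",
                 "kuaki.app", "kuakkai.com", "https://example.org/"):
        print(f"{link:28} {check_url(link)}")
```

A result of "unknown" only means the name does not resemble a bookmarked one; it does not mean the site is safe.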


Reporting

  • wetransfer

If you receive a link to download a suspicious file from wetransfer, they have a convoluted reporting system, but they will investigate if you report:

"You can use this direct link: http://we.tl/support

Then select; Legal/Security > Suspicious Emails > Spam or Phishing

This will lead you to a form to report the details of the transfer and we will investigate further. If the transfer is found to be malicious, we will remove it from our servers. "

External resources (various blockchains)

has a list of known scam domains that try to impersonate real domains. Check here if you are suspicious about a domain (and look carefully at the spelling eg kuaki, kukkai, kuakkai are not domain names for kukai wallet)

An occasionally updated twitter thread of scams

NFT news site; category: scams
