How to prevent Phishing attacks and other scams


The best defense is awareness and knowing what to look for.

One of the most common online scams is known as Phishing (pronounced: fishing). Phishing is an attack that attempts to steal your money, or your identity, by getting you to reveal personal information -- such as account numbers, bank information, or passwords -- on websites that pretend to be legitimate. Cybercriminals typically pretend to be reputable companies, friends, or acquaintances in a fake message, which contains a link to a phishing website.

Phishing is a popular form of cybercrime because of how effective it is. Cybercriminals have been successful using emails, text messages, and direct messages on social media or in video games, to get people to respond with their personal information. The best defense is awareness and knowing what to look for. Here are some ways to recognize a phishing attempt:

  • Urgent call to action or threats
  • Spelling errors and bad grammar
  • Generic greetings
  • Mismatched email domains
  • Suspicious links or unexpected attachments
  • First time or infrequent senders

You can also protect yourself by following best practices when it comes to your account security and keeping your information private. Here are some tips for avoiding scammers:

  • Never share your private keys, seed phrases, or account access details.
  • Never disclose your 2FA backup keys to anyone or on any website.
  • Don't share your API keys with others and avoid sharing them across different applications.
  • Don't connect to untrusted wireless networks.
  • Keep your systems/applications updated to avoid security bugs.
  • Install anti-virus software and keep it up to date.