How Not To Become a Victim Of Scammers

Akin Ibikunle

First of all, keep this in the back of your mind: “no one is too smart to be scammed.” On February 21, 2025, Bybit, a prominent cryptocurrency exchange, experienced a significant security breach resulting in the theft of approximately $1.5 billion in Ethereum. The attack occurred during a routine transfer from an offline "cold" wallet to an online "warm" wallet, where hackers exploited security vulnerabilities to gain control over the funds.

Despite the substantial loss, Bybit's CEO, Ben Zhou, assured customers that the company remains solvent and committed to reimbursing all affected users. The incident has been linked to the notorious Lazarus Group, a North Korean hacking organization known for previous large-scale cyber heists.

This event underscores the escalating sophistication of cybercriminals and the critical importance of robust security measures in the digital age. As online scams become increasingly prevalent, affecting both individuals and large organizations, it is imperative to understand how to protect oneself from falling victim to such fraudulent schemes.

In today’s interconnected world, scams have evolved beyond simple deceit, employing advanced techniques to exploit unsuspecting individuals.

In the world of DeFi, you are your own bank – and that comes with both freedom and responsibility. This article will guide you through the most common scam schemes on DEXs, provide recent real-world examples, and offer practical advice on protecting yourself. By understanding these risks and implementing best practices, you can significantly reduce your chances of falling victim to these schemes, even if they can’t be eliminated entirely.

Common Scam Schemes on DEXs

Rug Pulls

A rug pull occurs when project developers abandon a project and run away with investors’ funds. This often happens after creating hype and attracting significant investment.

In March 2024, the Magnate Finance project on the Arbitrum network executed a rug pull, draining approximately $6.4 million from liquidity pools. The project’s social media accounts and website were quickly deleted after the incident.

Impersonation Scams

Scammers create tokens with names similar to popular projects or claim to be “v2” or “pro” versions of existing tokens. These mimic legitimate projects to trick users into connecting their wallets or revealing private keys.

In January 2024, scammers created a fake Ethereum Name Service (ENS) token on various DEXs, mimicking the legitimate ENS governance token. Many users were tricked into buying the worthless imitation token and experienced significant losses.
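The check that defeats this scheme is to treat the contract address, not the name or symbol, as the token's identity. The sketch below is an added example, not code from the article; the allowlist, the placeholder addresses and the function names are assumptions made for illustration.

```python
import re
import unicodedata

# Constructed allowlist: symbol -> (name, contract address copied from the
# project's official channel). Addresses are placeholders, not real contracts.
VERIFIED = {
    "ENS": ("Ethereum Name Service", "0x" + "1a" * 20),
    "UNI": ("Uniswap", "0x" + "2b" * 20),
}

# "v2" and "pro" are the bait suffixes the article names; v<digits> generalises "v2".
BAIT_SUFFIX = re.compile(r"(v\d+|pro)$")


def canonical(label: str) -> str:
    """Fold case, width variants and punctuation, then strip bait suffixes."""
    text = unicodedata.normalize("NFKC", label).casefold()
    text = re.sub(r"[^a-z0-9]", "", text)
    while BAIT_SUFFIX.search(text):
        text = BAIT_SUFFIX.sub("", text)
    return text


TRUSTED_ADDRESSES = {addr.lower() for _, addr in VERIFIED.values()}
TRUSTED_LABELS = {canonical(x) for sym, (name, _) in VERIFIED.items() for x in (sym, name)}


def classify(listing: dict) -> str:
    """Return 'verified', 'impersonation' or 'unknown' for one DEX token listing."""
    if listing["address"].lower() in TRUSTED_ADDRESSES:
        return "verified"        # identity is the contract address, never the name
    labels = {canonical(listing["symbol"]), canonical(listing["name"])} - {""}
    if labels & TRUSTED_LABELS:
        return "impersonation"   # trusted name or symbol on an unlisted contract
    return "unknown"


# Constructed sample listings, as a DEX token search might return them.
LISTINGS = [
    {"symbol": "ENS", "name": "Ethereum Name Service", "address": "0x" + "1A" * 20},
    {"symbol": "ENSv2", "name": "ENS v2", "address": "0x" + "99" * 20},
    {"symbol": "\uff25\uff2e\uff33", "name": "ENS Pro", "address": "0x" + "98" * 20},  # full-width letters
    {"symbol": "ABC", "name": "Alphabet Coin", "address": "0x" + "97" * 20},
]

if __name__ == "__main__":
    for item in LISTINGS:
        print(item["symbol"], item["address"][:10], classify(item))
```

An "unknown" result is not a clean bill of health; it only means the listing does not borrow a name from the allowlist.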

Front-Running

Bots or malicious actors see pending transactions and place their own with higher gas fees to execute first, profiting from the price movement. This can result in worse execution prices or failed transactions for regular traders.

Throughout 2023 and early 2024, the Ethereum network saw a surge in Maximal Extractable Value (MEV) bots. In February 2024, a particularly sophisticated front-running bot was discovered that had extracted over $25 million in profit from unsuspecting DEX users over a six-month period.

Liquidity Farming Traps

Liquidity farming is a strategy where users provide liquidity to DeFi protocols in exchange for rewards. Scammers create farms with unsustainably high APYs, attract liquidity, then drain the pools or manipulate token prices.

In November 2023, a project called “YieldMaximizer” on the Binance Smart Chain promised returns of over 1000% APY. After attracting over $12 million in various cryptocurrencies to its liquidity pools, the project’s smart contract was exploited, and all funds were drained within hours.

Flash Loan Attacks

Flash loans allow users to borrow large amounts of cryptocurrency without collateral, as long as the loan is repaid in the same transaction. Attackers use these loans to manipulate market prices temporarily, exploiting vulnerabilities in DeFi protocols.

In April 2024, a flash loan attack on a popular automated market maker (AMM) on the Avalanche network resulted in a loss of approximately $18 million. The attacker used a flash loan to manipulate the price of a low-liquidity token pair, draining a significant portion of the protocol’s liquidity.

Spam in Direct Messages

Scammers send unsolicited messages through various platforms, often masquerading as legitimate projects or offering too-good-to-be-true opportunities. These messages aim to trick users into revealing sensitive information, connecting wallets to malicious sites, or sending funds to the scammer.

Imagine you receive a direct message on Telegram: “Hello! I’m from the DEX_SwapPro team. We’re launching an exclusive staking program with 500% APY. Click this link to connect your wallet and start earning now!” This message is a scam attempt. Legitimate projects rarely reach out via DM with such offers. The link likely leads to a phishing site designed to steal your wallet information.

Fraudulent Transactions to the Wallet

Scammers send unexpected tokens or small amounts of cryptocurrency to your wallet, followed by messages asking for action on your part. These transactions are often used as a pretext to engage you in a scam, either by asking you to return funds or claiming you’ve won a prize that requires further action.

You notice a transaction of 0.1 ETH in your wallet that you don’t recognize. Shortly after, you receive an email: “Congratulations! You’ve won our weekly ETH giveaway. We’ve sent a small verification amount to your wallet. To claim your full prize of 10 ETH, please send 0.5 ETH to this address for processing fees.” This is a scam. The initial 0.1 ETH was sent to lure you into sending a larger amount. Never send funds in response to unexpected transactions or prize claims.

Best Practices for DEX Users

DYOR (Do Your Own Research)
Always investigate the team, tokenomics, and project history before investing. Use platforms like CoinMarketCap and official project documentation for information.

Use Reputable DEXs and Wallets
Look for audited smart contracts, transparent teams, and active communities. Use hardware wallets for large holdings, and never share your private keys or seed phrases.

Be Wary of Too-Good-To-Be-True Offers
Watch for red flags: unusually high APYs, pressure to act quickly, and unsolicited direct messages. If an offer seems too good to be true, it probably is. Always question extraordinary claims.

Understand Smart Contract Risks
Prefer projects with multiple audits from reputable firms. Use platforms like DeFi Safety or RugDoc to assess project risks.

Practice Safe Trading
Keep your slippage tolerance as low as possible while ensuring your trade will go through. When available, use limit orders to protect against unexpected price movements.

Stay Informed
Stay updated with reputable platforms like CoinDesk, Cointelegraph, and The Block. Participate in official Discord or Telegram groups, but be wary of direct messages.

What to Do If You’ve Been Scammed

  • Steps to take immediately:
    Disconnect your wallet from the malicious site.
    Transfer remaining funds to a new, secure wallet.
    Document everything related to the scam.
  • Reporting the scam:
    Report to the relevant blockchain’s fraud reporting system. Warn others by reporting to crypto scam tracking websites.

Here’s a list of actions you can take right now to enhance your security on DEXs:

Audit your current investments: Review all the projects you’re currently invested in. Do they still hold up to scrutiny?

Check your wallet permissions: Review and revoke any unnecessary permissions you’ve granted to DApps.

Enable additional security features: If you haven’t already, enable two-factor authentication on all your crypto-related accounts.

Create a separate “high-risk” wallet: Use this for interacting with new or unproven DeFi protocols, keeping the bulk of your funds in a more secure wallet.

Educate yourself: Commit to spending some time each week learning about new scams and security best practices in the DeFi space.

Share this knowledge: Send this article to at least three friends who are active in DeFi. The more people who are aware of these risks, the safer the ecosystem becomes for everyone.

Join a reputable DeFi security community: Engaging with others can help you stay updated on the latest threats and protection measures.

Practice with small amounts: If you’re trying a new protocol, always start with a small amount you can afford to lose.

Be wary of unsolicited messages: Never click on links or connect your wallet based on unexpected DMs, no matter how tempting the offer might seem.

Ignore and report spam: Use the reporting features on messaging platforms to flag suspicious accounts and help protect the community.

Don’t respond to unexpected transactions: If you receive unexpected funds or tokens, do not interact with them or respond to any messages about them. They may be part of a scam.

Verify all information independently: Always double-check project information, token addresses, and offers through official channels and reputable sources.

By taking these steps, you’re not just protecting yourself – you’re contributing to a safer DeFi ecosystem for all.
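For the “Check your wallet permissions” step above, a wallet's outstanding token permissions can be rebuilt from ERC-20 Approval event logs: the most recent approval per token and spender is the live one, and a value of zero means it was revoked. This is an added example, not code from the article; the addresses and sample logs are constructed placeholders, and the "unlimited" threshold is an assumption.

```python
# ERC-20 event: Approval(address indexed owner, address indexed spender, uint256 value)
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED_FLOOR = 2**255  # assumption: allowances this large are effectively unlimited


def topic(addr: str) -> str:
    """Left-pad a 20-byte address to the 32-byte form used in indexed topics."""
    return "0x" + addr[2:].lower().rjust(64, "0")


def address(topic_word: str) -> str:
    """Recover the 20-byte address from a 32-byte topic word."""
    return "0x" + topic_word[-40:].lower()


def outstanding_approvals(logs, owner):
    """Replay Approval logs in chain order; the last value per (token, spender) wins."""
    latest = {}
    ordered = sorted(logs, key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16)))
    for log in ordered:
        t = log["topics"]
        # ERC-721 Approval shares this topic hash but carries 4 topics; skip it.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC:
            continue
        if address(t[1]) != owner.lower():
            continue
        latest[(log["address"].lower(), address(t[2]))] = int(log["data"], 16)
    return [
        {"token": tok, "spender": sp, "amount": amt, "unlimited": amt >= UNLIMITED_FLOOR}
        for (tok, sp), amt in latest.items()
        if amt > 0  # an allowance set back to 0 has been revoked
    ]


# Constructed sample data: placeholder addresses, not real contracts or wallets.
OWNER, OTHER = "0x" + "aa" * 20, "0x" + "bb" * 20
TOKEN_A, TOKEN_B = "0x" + "01" * 20, "0x" + "02" * 20
DAPP_X, DAPP_Y = "0x" + "c1" * 20, "0x" + "c2" * 20


def make_log(token, owner, spender, value, block, index):
    return {"address": token, "topics": [APPROVAL_TOPIC, topic(owner), topic(spender)],
            "data": hex(value), "blockNumber": hex(block), "logIndex": hex(index)}


SAMPLE_LOGS = [
    make_log(TOKEN_B, OWNER, DAPP_Y, 0, 18, 1),           # revokes the 500 granted below
    make_log(TOKEN_A, OWNER, DAPP_X, 2**256 - 1, 16, 0),  # unlimited, never revoked
    make_log(TOKEN_B, OWNER, DAPP_Y, 500, 17, 0),
    make_log(TOKEN_A, OTHER, DAPP_X, 7, 18, 0),           # someone else's approval
]

if __name__ == "__main__":
    for row in outstanding_approvals(SAMPLE_LOGS, OWNER):
        print(row)
```

Every row this returns is a DApp that can still move that token out of the wallet; unlimited rows for DApps you no longer use are the first candidates to revoke.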

Conclusion

While it’s impossible to completely eliminate the threat of scams in the decentralized ecosystem, armed with knowledge and best practices, you can significantly reduce your risk of becoming a victim.
