Start by revoking dapps access to your wallet on Ethereum, Binance Smart Chain, and Polygon
As crypto increases in value, the contents of your wallet will become more valuable and, therefore, prey for scammers. So how can you protect your assets in the Web3 space? Read on to discover some precautions you can take to ensure outsiders can’t gain access to your crypto wallet.
- Basic safety rules to navigate web3
- Closing words
Basic safety rules to navigate web3
Dapps such as Uniswap, Axie Infinity, OpenSea, and so on can be accessed through dapp browsers or Web3 wallets like Metamask. While interacting with these applications, users can inadvertently give scammers express access to their wallets.
However, when you interact with dapps these dapps tap straight into your wallet. You are the one approving all actions.
Once this happens, scammers will not hesitate to transfer your funds to their own wallet, leaving you empty-handed. Therefore, it’s important to learn all you can about wallet safety. Let’s go through a couple of important points below.
1. DYOR before investing
Doing your own research is web3’s most basic advice – and the one that’s most easily underrated. It’s quite easy to buy tokens that someone on the internet says it’s a gem. But why would you blindly trust a stranger’s opinion?
Don’t trust, verify.
Before putting your crypto in a hot new project, dig deep into its website, Twitter (X) account, Discord server, how engaged its community seems, the developer team behind it, and so on. Make sure you only connect your wallet to the dapps you have verified yourself.
2. Beware of what ads you click on
Never click on links from unidentified sources; always be wary of Google or social media ads for crypto services. However “legit” the ads seem to be, you may be looking at a copycat of the original project’s website or even a completely fake one. Instead, go to the project’s official website and see if such a drop or sale is correctly advertised by the official media.
Moreover, Web3 influencers often promote projects on their official social media accounts that users still need to be cautious about. Sometimes, their accounts have been hacked, and scam content is being shared without their consent. In short, always stay alert.
3. Always use 2FA, but never use SMS
Through social engineering techniques, hackers can overtake your phone subscription. They simply act like they are you, and activate a new sim card. Once they get access to your phone number, every platform that use two-factor authorization (2FA) with SMS, will become vulnerable.
Therefore you should never use SMS, but instead rely on authenticator apps such as Authy, Google’s Authenticator and other similar ones.
4. Keep the token approval list empty
Interacting with smart contracts, dapps, and automated market makers will make you approve all kinds of interactions. However, such approvals could leave your wallet exposed. Sometimes, you may not even know that you interacted with phishing links that undermine the security of your wallet.
It’s essential to keep your token approval list as empty as possible.
Still, you can decide to only interact with trusted links and smart contracts. Or always check for the list of smart contracts with access to any of your wallets and go ahead and revoke them using the necessary tools.
Revoking access to your wallet
For tokens on the Ethereum network, using Etherscan helps you to know the number of smart contracts you have approved on your wallet. The Etherscan tool is a data aggregator for all tokens built via the ERC20 standard. So you can always get to see ongoing transactions on every ERC20 token.
Aside from that, this is also a useful tool for assessing your token approvals list. Through Etherscan you can revoke access to your wallet. When you revoke access to your wallet, the next time you enter that dapp you will need to approve access again. However, your tokens won’t be gone. No worries. Now, let’s get to the crux of the whole discourse.
How to check for the approved token list
- Open Metamask, and make sure you’re logged in. Click the wallet address to copy it.
- Go to the Token Approval Checker on Etherscan. The service is currently in beta and can be found once you log in to Etherscan > More > Tools > Token Approvals.
- Paste your wallet address > press search
- The page will now show all approved smart contract interactions with that particular wallet.
- Click the “Connect to Web3” button to connect Etherscan to your active wallet in Metamask.
- Once connected, you can click the “Revoke” button on the right side to make sure a certain dapp no longer has access to your wallet. Keep in mind, there are gas fees involved in revoking access. However, the choice between spending $5 or losing $5,000 is presumably pretty easy.
In a similar fashion, users can revoke token approvals on Binance Smart Chain and Polygon as well. Simply follow the links below, and go through a similar process as described above:
5. Use Blockfence, powered by DappRadar API
One of the most effective ways to protect yourself from scammers is to use a tool that can detect and prevent fraudulent activities. That’s where Blockfence comes in. Blockfence is a free browser extension that uses DappRadar data to verify smart contracts and website URLs, and alert users about potential threats.
By leveraging the DappRadar API, Blockfence can provide users with real-time data about the dapps and protocols they are about to interact with. This way, users can make informed decisions and avoid scams that could drain their wallets.
Blockfence’s browser extension is easy to install, open-source, and anonymous. Once installed, users will receive automated alerts whenever they attempt to approve a transaction. These alerts will inform them about potential threats and give them more information about the dapps they are interacting with. By presenting DappRadar’s metrics to users, the extension educates users about the risks and benefits of each interaction.
5. Have multiple wallets for different purposes
Don’t keep all eggs in the same basket. That’s a common mistake web3 explorers beginners or not often make – but that’s easy to correct.
While navigating web3, you’re likely to connect your wallet with various projects simultaneously. And if you do forget to empty your token approval list or to deeply research a project before connecting and falling prey to a scam – you’re cool because all your assets will be divided into different wallets.
The most basic version of this is having a cold wallet – such as a Ledger – to safely store your NFTs and crypto of higher value, like a safe. It’s important not to use it as a browser wallet you’d use to swap tokens and connect to any project.
If you do get hacked, only one wallet will fall victim instead of your entire portfolio.
Obviously, one can never be too sure of the security of one’s wallets; you just have to assume the worst and act accordingly.
Getting your wallet drained is a bad experience and might set you back thousands of dollars. Reviewing and revoking tokens via any of the tools mentioned above is an effective way to protect your wallets from scammers. Adding another weapon to your arsenal in the battle against scammers.
Explore web3 and beyond
DappRadar offers users a wide yet in-depth data-based perspective on top projects in the web3 space. Navigate through the DappRadar Rankings to learn what’s trending in DeFi, crypto, NFTs, games & more.