4 posts

Louis Marquenet

X Account Takeover in One Click From Calendly/Calendar fake link

Louis Marquenet

Seen from January 2025, targeting crypto accounts of 50k to +1m followers.

Scenario

You chat with someone on X (from a verified profile), they are interested in:

* Giving you an interview
* Writing a blog post about you or your company
* Collaborating
* And more

Not now, but after a few messages they send you a link that seems legit, the overview will show either “Google Calendar” or any other type of

Demo
Web3 Operational Security Playbook for Protocols

Louis Marquenet

DON’T GET REKT 🤡

Configure Your Wallet Securely

* Enforce Multi-Signature Requirements: Ensure critical operations (e.g. fund transfers, ownership changes, upgrades) require a 70% threshold consensus. Incorporating external parties, such as a security firm, can also significantly enhance security by providing impartial oversight and mitigating risks. A 5-out-of-7 multisig setup with one external party achieves the 70% threshold while adding this extra layer of protection.
* Role-Based Access: U

Demo
Why Everyone Working In Web3 Should Pass This Test

Louis Marquenet

DETECT PHISHING EMAILS, FAKE SIGNATURES, SCAM SITES AND TRANSACTION SPOOFING

First, a huge shout-out to the https://theredguild.org/ team for what they are doing. These guys have amazing stuff for all of us working in Web3. Whether you are a Dev, a Security Researcher or a CEO, you must have a look at what they are doing.

* Check out their blog.
* Their Phishing Dojo.
* Their Security Toolkit.

My Walkthrough On

Demo
Why Securing Your DNS Should Be a Priority

Louis Marquenet

WE TEND TO THINK EVERYTHING IS MORE AND MORE SECURE WITH TIME BUT LET’S BE REAL, IT’S NOT

This is most likely because of 2 reasons:

* Systems are more and more complex and designed to answer very specific needs, so “classic security” is never enough.
* Attackers are targeting employees and users using sophisticated social engineering attacks to target the “weakest” point of the chain, in other words, us.

Demo