Metamask Trash and The Dangers of Airdrops

Updated: Nov 23, 2021

A nuisance or worse. Is this trash a phishing attempt or a potential hack?

This article is a security primer for onboarding and using crypto.

So; your buying and selling nft's and crypto and paying gas fees. You get used to opening your Metamask wallet and checking your account, but now some unknown items pop up in your wallet.
Most all of this trash is due to Airdrops. Some are the real deal, but are they safe to own or explore?

Welcome to the inter web. Metamask is a brower extension that functions as an ETH wallet.

ETH and any ETH based token (erc20, 721, and more). You access this wallet via the web and a password.

You don't use 2Fa security feature with Metamask you only have your seed phrase to protect this wallet. That's because this wallet exists in the blockchain and the private keys are not available to Metamask, only you. So the added protection of 2Fa is like putting 2 locks on the door, but you may have left the back door open. But..... your public address is just that. Public.


So where does this trash come from? and what's up with all these airdropped tokens.

I looked around a bit to see what was really up with airdrops. The real deal in good airdrops are few and far between. This Redditor contributor sums up all I have found out in a short paragraph or two. Read it here.


My time is worth a lot to me. I really don't want to squander my time (read resources ) chasing the rainbow or the BS scams that abound in the Airdrop world. If you have nothing to do but play candy crush all day, I think it would be a better investment than chasing airdrops.


Now, back to the trash in your metamask wallet. Don't trust the unknown tokens and trash you get sent to your public address. Many is the tale of people trying to redeem these unknown tokens and it seems to backfire and drains their wallet. I'm still looking into that, but social media accounts are full of these stories about an airdrop that turned sour.



My advice, practice safe sx. If you are going to have intercourse with the internet, be safe. Who do you trust? An unknown ? A trusted partner? Or, how about a real life hacker/thief that is masquerading as a trusted partner?

The scams are getting better and better. So practice internet intercourse hygiene and be safe out there. For now, just hide the tokens and come back for more answers soon.


Here are the minimum steps that can keep you safe.

  1. Use a strong anti-virus program. My favorite is SOPHOS. I have had no security issues in over 8 years using this company. They also offer a fast reaction team that will gear up in minutes and handle hacks and ransom ware attacks.

  2. I preferr the Brave browser over Chrome. It has many more security features.

  3. If you use a PC, keep your Updates current. Most of these updates are security patches.

  4. Keep your passwords strong, unique, and change them now and then.

  5. Never give out seed phrases or recovery phrases (keep them air gapped and in a safe place)

  6. Use a VPN. (not a free VPN) you get what your pay for.

  7. Disconnect all unused accounts from your metamask. ( every day )

  8. Turn off your computer when you leave each day.

  9. Learn about phishing attacks/scams. And watch for them.

  10. Last , but not least. On Metamask use the 3 dots on the right. Hide the trash and disconnect frequently.



I have more to learn about this trash and I will do this soon. More on this as I hope to find a safe way to burn these ERC trash/scam tokens.



 




FNL content including, but not limited to, articles, podcasts, videos, live streams, and websites are intended for informational purposes and should NOT be considered financial, investment, tax, legal, nor trading advice. Cryptocurrency, futures, foreign currency and options trading contains substantial risk and is not for every investor. An investor could potentially lose all or more than the initial investment. Risk capital is money that can be lost without jeopardizing one’s financial security or lifestyle. Only risk capital should be used for trading and only those with sufficient risk capital should consider trading. Past performance is not necessarily indicative of future results. https://futuresnetworks.live/risk_disclaimer