Chapter 17

Spotting Scams

Scams in Web3 change costumes faster than they change tactics. The names, logos, and stories may look new, but most attacks rely on the same few pressure points: urgency, confusion, greed, or misplaced trust.

That is useful because you do not need to memorize every scam. You need to recognize recurring patterns and pause before signing, sending, or revealing anything sensitive.

The fastest way to improve your instincts is to map common scam types to their most obvious warning signs.

Scam patterns and red flags

Scam type	Red flag
Phishing site	Lookalike URL and rushed wallet connect
Fake airdrop	Free claim that asks for risky approvals
Rug pull	Hype without transparency or locked liquidity
Support impersonator	DM asks for seed phrase or remote access

If something promises easy upside while pushing you to act fast, assume the burden of proof is on the sender, not on you.

Phishing works by imitation. The page looks close enough to a familiar brand that users click through on autopilot. Bookmarking official sites and reading wallet prompts carefully removes much of that advantage.

Fake support and giveaway scams work by authority or excitement. They want you to trust a logo, a blue check, or a countdown timer more than your own verification process.

The general rule is simple: slow is safe. In Web3, a few extra seconds spent checking the URL, contract, or message often matters more than advanced technical knowledge.