Imagine that you were a scammer trying to target a particular group of people… let’s say people who like to spend their days at the lake relaxing with a fishing pole hanging in the water. Who knows why – maybe you are trying to sell counterfeit lures? Coordinate putting out some AI-enabled fishing rod that’s collecting fingerprint data while they laze their days away? Motivations are rather inconsequential for this example.
You could pay for a big list of dark web data, but you could also just insert yourself into that community. You can hop on message boards, join chat groups, heck you could even go hang around local bait shops. Before long, you’ve got a lot of useful demographic data on people that are part of that group. Maybe all you have is some emails and IP addresses… but that’s enough to start refining your list and getting more information.
The same is true with Discord. The Gala community is a great place for the latest news and robust conversation about every aspect of the Gala Ecosystem. The popularity and richness of social connections that are forged on our Discord server or Telegram channel, however, also make them a popular destination for another type – scammers. It’s important to know and understand the tactics of these digital miscreants to keep your digital assets safe while still participating in any digital community.
Welcome to the 8th installment of The Guardian Papers, where we try to impart the wisdom that everyone should have to start a successful journey through the world of digital ownership. The blockchain world is still in its infancy. We here at Gala believe that empowering each and any member of our community makes us stronger as a whole.
Miss an issue of the Guardian Papers!? Check out past editions below!
The Guardian Papers 6: Don’t Mess Around with Passwords
Welcome back guardians!
Today we’re talking about those standbys of digital defense – passwords!
Continue Reading The Guardian Papers 6: Don’t Mess Around with Passwords
The Guardian Papers 5: Too Good to Be True
Welcome back to the Guardian Papers, hero!
It’s time to dive back into the dark mind of a scammer to fight for the forces of good!
Guardian Papers 4: Beware the Impersonator
Welcome back to the Guardian Papers!
This week, we’re diving into the dark underbelly of digital life as we try to arm you with knowledge to fight off scammers!
It is our hope that this series has and will continue to present foundational information that will not only provide a base understanding of how to keep your blockchain footprint secure, but will also help inform your journey through this digital adventure so you can ask better questions, do better research, and make better decisions to help guard your entire community.
The Dark Side of Community
Discord was originally made for gamers. As the scope of the platform has grown to include countless massively popular communities, however, it has also attracted the riffraff that stalks digital space for the opportunity to steal from the unwitting. Because Discord servers categorize people into common interests, it’s easy for scammers to get inside groups and represent themselves as just another member – or even an authority figure – within that community.
The same is true for Telegram or other messaging apps where people commonly gather in like-minded groups. In these spaces, the community itself has already done the work to compile victims for all the villains in the cryptoshadows. Communities are welcoming because that’s the point of community. By simply being in these groups, however, you’ve done part of the scammers research for them… they know that you are part of their target audience.
Make sure you customize your privacy settings in Telegram… or else you’re about to get a whole hornet’s nest of attention from all the wrong people!
Community messaging apps like Telegram and Discord are third-party platforms that are utilized by Gala, but these can have their own security issues that are simply beyond any community’s ability to control. The scammers thoroughly know the shortcomings of these apps, and can exploit them to attempt to scam thousands of members of a community within minutes. Even one success will show them this pond is well-stocked with easy catches for their future fishing endeavors.
Any community where the digital villains see opportunity isn’t going to get rid of them without a fight, however. We can only turn the tide against the scammers by making sure that each and every one of us is ready to defend against them.
Don’t forget to customize your exceptions as well! By default, any member of Telegram’s premium subscription can contact you regardless of your settings 😱
Don’t forget to customize your exceptions as well! By default, any member of Telegram’s premium subscription can contact you regardless of your settings! 😱
How Scammers Prey on Communities
It’s hard to build and feel community if you’re always suspicious of your neighbors. The scammers are counting on this, because that’s not how defenses work. When you perceive yourself as ‘among friends’ your defenses naturally go down. You want to be helpful – after all, that’s what building community is all about.
That’s why they’re here. Community is a group trust that we build up over time with likeminded people. We can’t simply turn it off and on. It’s not like we recognize every member of the community, we just recognize that they are part of the community.
We’ve discussed impersonation before, so you’re all very well aware that there are people out there who will pretend to be Gala customers or community support. You need to stay vigilant for these types of things… these apps are where the scammers find their marks.
This isn’t to say that community itself is bad. In fact, it’s very very good. Community standards and best practices are how we combat these scammers. Building a community is too important to let scammers stop us. We have to build a better community to make it outlast the villains.
Trust is Earned
Just because someone is part of your community does not mean they’ve earned trust, and it’s not an insult to tell them so. Caution is admirable… and part of the point of web3 is to establish systems that don’t rely on trust.
First off, please adjust your privacy settings on Telegram, WhatsApp, Discord or similar apps if you have not. In Telegram, for instance, you can be contacted by anyone by default. If you don’t change that it’s only a matter of time before you are getting blown up with spam and scams. Similarly WhatsApp will show your personal phone number to anyone who comes looking if you don’t change the security settings… make sure to get this done or you’re wide open to an attack from a crytpovillain.
Even on Discord you can customize your security settings to control who can reach out to you. As we’ve discussed before, don’t trust a display name… that can be easily changed. Put people you trust on your friends list. Consider changing your settings so friends can message you. That way any new friend requests are where you know you need to be vigilant, and anyone on your friends list has already been vetted.
Trust, but verify
-Old Russian proverb
Don’t trust these security measures to be the end all be all of your defenses, however! People can get hacked or lose access to their accounts. Sometimes the attack could come from someone you know… albeit not them actually sitting in front of their keyboard.
Community Strong
With so many threats among communities you trust, the fight against bad actors in digital spaces can seem hopeless. Fortunately, community is also the cure to this malady.
⬆️ Not a great way to seek help from the community. Not only does anyone watching now know this user’s needs, but also their urgency. I bet their DMs blew up.
⬅️This is a great way to utilize the knowledge of the community. Tons of eyes can get on the deceptive scam attempt right away to verify if it’s legitimate or not. HINT: This one was not legitimate.
No one person can be entirely vigilant all the time. We get tired. We get distracted. Our guard comes down for a moment here and there… and that’s when attacks happen. Talk to your community. Educate each other and call out the tactics that scammers are using so that everyone can learn to avoid them. Alone an attack is inevitable. Together we’re strong.
If you see something sus, reach out! Ask the community you trust whether you should be engaging. Don’t be embarrassed. A simple question could save you a lot of hassle.
Guarding Each Other
When we work together, the community really shows its strength. Those who seek to exploit communities of common interests in the web3 space are counting on us not following through with our commitment to a solid community. If a victim doesn’t use the community resources at their disposal to help themselves, what can a community do to help?
That’s why it’s so important to share tips and educate fellow community members about security culture. If we all get a little better at spotting bad actors, we’ll all be a little less likely to get scammed. If we all get a little better and share a little more of that culture with each other, we’ll be exponentially more protected from those who seek to do us harm.
That’ll do it for this week’s Guardian Papers, but we’ll be back! Next time, we’ll be breaking down multi-factor identification and how it can help protect your digital sovereignty in this new age.
Stay safe Galaxians… and always have your shield ready!
