Welcome back to The Guardian Papers, the series where we help bolster the security super sense of our community on GalaChain and beyond! Today we’re continuing our dive into the world of cons and villainy as we explore the methods that scammers use to deceive unwitting marks. Educate yourself on their methods, and soon you’ll be a defender of others rather than a target!
Scam Profile: Too Good to Be True
Hey there! Would you like to amass riches without any effort whatsoever?
If you answered yes to this question, you may be a human being!
Seriously, everyone wants this. This is what the scammers out there are counting on, and how they reliably reel in their prey.
Rather than exploring how scammers deceive you like last time, today we’re getting a bit more cerebral. We’re talking about the bait – the incentives that scammers will use to get you to throw aside caution and logic to dive head first into their trap.
If something seems too good to be true… it probably is.
Common Motivations
We’re living in a material world… and the vast majority of us are material people. That doesn’t mean we’re obsessed with our stuff or money hungry, but most people live in a state where an infusion of money could totally change their lives. Whether it’s an increase in living standards, a better life for our kids or simply a way out of debt, most humans have an amount of money that will reliably spur their motivation.
The amount of easy money that may light a fire under us may differ, but the important thing is that the scammers know there is likely an amount that will push caution and logic out of your head and replace it with dreams of escaping whatever financial situation you’re worried about or transforming your life for the better. This is exactly what they’re counting on.
Once they’ve got you dreaming about easy money, they can count on your critical thinking skills being less engaged. After that, all they have to do is keep you on the line and let you dream.
Preying on Need and Greed
We all have needs to survive. The scammers out there can capitalize on this to make you justify some degree of trust or risk. Sometimes, they get you in the door with only fairly unbelievable claims… the level where your curiosity is piqued, but your brow may still be furrowed.
We don’t know what your job searching experience is… but from the writer of this article’s perspective, tech jobs at major metropolitan competitive prices don’t just drop into cold calls without some major strings attached.
The wages given are very high for someone sliding in to mass announce job openings. That having been said, they are not high for competitive jobs within the industry for the very qualified. The intention is that your brain says it’s implausible… but not impossible. So you DM out of curiosity. Then they have a direct line to work on you hard.
At the point they get you into their DMs or on their site, there are any number of scams that they could attempt to run on you. The important thing is that they now have you where they want you, thinking about what that money could do for you.
Sometimes these types of scams run a little more flagrantly too good to be true. As the reward is cranked up however, our mind has a way of justifying a greater amount of perceived risk.
In the case of this DM (that I received four of at the exact same time from four different accounts 🙄) they’ve abandoned the idea of believability. Instead, they’ve employed several ‘hard sell’ techniques to make the target careless enough to slip up.
First, there’s the ludicrous amount of free money they’re offering. They temper this free thousands of dollars worth of ETH by having the target ranked third… leaving a quiet voice in the back of your head saying, “Surely if it was a scam they’d have put me in first.”
Then there’s the time sensitivity. You only have 24 hours to activate your code! Oh no! No time to hesitate!!! Your decision-making reactively goes into high-pressure mode, making quick decisions with less information than it normally would. Of course once you go to their site, you’ll be asked to connect your wallet to get your winnings. Then they have access, and you are drained.
Note the inconsistencies across the messaging. “You have been RANDOMLY selected among users of Crypto Discord Servers.” AND “If you don’t know what is crypto and how to use it – ignore this message”. But how can both those things be needed? Why would they send this to someone who didn’t know ‘what is crypto’ if they selected participants from among crypto communities only? 🤔
Think about that… selected from “Crypto Discord Servers”. That makes sense for an airdrop of some new token from a brand new ecosystem trying to get its name and token out there… but what would a trading platform have to gain by giving away so much to people who are NOT already part of their platform?
There’s no CTA to sign up. No email opt-in to enter. No marketing win for the company who fronted the prize… big red flag. At best, they’re getting 3 new users out of this ~13.9 ETH prize. That’s not how marketing budgets work.
Also, did you notice how seemingly random words were capitalized throughout the message? The capital words in the first section act as subconscious triggers for your brain, priming you to follow through on the scam. When you scan the text, your brain automatically considers the capitals more important. If you’re old enough to remember the classic tag cloud on websites, think of it as that… except it’s logging keywords with your brain instead of AOL Search and AskJeeves.
Scamming Human Nature
You may be reading this and nodding your head thinking, “This kind of stuff would never work on me!” You’re probably wrong. It can work on anybody.
The reason that scammers use these tactics is that they do work. Everybody has an instinctive reaction when presented with these kinds of stimuli. We are able to overcome them by informing ourselves, but the instinct is still there. That is what scammers exploit.
If you are informed, however, you usually cease to be a target. Notice how the last example above said to ignore the message if you didn’t know what crypto was? They don’t want difficult onboarding. They want people to slide through their trap easily with just a little butter. If you are a difficult mark, you are no longer worth their time.
Most people are familiar with the classic Nigerian Prince con… again, a ‘too good to be true’ type of scam. In this type of advance payment scam you’ll often see the scammer deliberately misspell words, punctuate awkwardly or more or less just fail to perform the language they are typing in. This is because they don’t want people who think too critically to respond.
If you overlook all those obvious errors and their inconsistency with the idea of wealthy, well-educated royalty… you’ll probably overlook other things. If you spot the signs right away, the sharks don’t smell blood in the water.
Guarding Through Community Education
The way to fight these scammers is to inform ourselves and those around us. These kinds of cons are not going away as long as there is a gullible audience for them to exploit. While it’s unlikely that we’ll ever be universally free of these types of predators, we can be free of them within our community with education, support and good practices.
That is, after all, what The Guardian Papers is all about. We all come from different backgrounds. Some of this may be little more than review for some members of our community, but there are others that this is all new for.
When it comes to scammers, we really are only as strong as our weakest link. As long as the villains find an easy mark within our ranks, they will be here. With every link strong and resistant against them, they’ll go elsewhere and find somewhere else to practice their evil art. That is the strength of community.
That’s all for us this week, and that will wrap up our second module of the Guardian Papers! We’ll circle back to the methodology of scammers again in a later article, but Module 2 was designed to give you a brief overview of who the villains are and what tools they use. Hopefully you have that context and it helps you in the battle against the forces of darkness.
Next time, we’ll be starting in on Module 3. In this part of the series, we’ll shift back to proactive security and talk in more detail about these mean streets. We’ll dive into the corners of the web3 world where you tend to encounter cyber criminals and talk about how to spot them in their natural habitats.
Until then, stay safe out there heroes! Keep your wits about you, and remember to share your knowledge with your friends… our community is our greatest tool to keep us safe!