*Paid Advertisement. Not financial advice. RugDoc is not responsible for the projects showcased here. DYOR and ape safu.
If you have been following RugDoc’s Twitter or Telegram group, chances are big that you have noticed the amount of DeFi scams that are pulled off. In this DeFi Farm 103 guide we will explain which DeFi (farm) scams you should watch out for and how you can decrease the risks of getting scammed.
A scam in DeFi is occurs when a malicious group or individual manages to steal your assets by using malicious smart contracts (such as hard rugs) or by dumping the price of their token by suddenly selling huge amounts of them (soft rugs). DeFi scams can be devided into 2 categories:
These types of scams typically happen in farming or liquidity pools designed by malicious developers in order to steal your assets. Farm scams are pulled off by letting unknowing investors interact with the malicious developers’ masterchef smart contracts. Usually such masterchef contracts contain function such as a migrator to an external wallet and no timelock. With inbuilt features like the aforementioned migrators, developers can drain their smart contract at any time, stealing all your funds. This scam is called a rug-pull. You can read more about how to check masterchef contracts for malicious features here.
Another common scam is the soft rug. These types of rugs are harder to find out, as developers tend to first earn a lot of trust from the community before executing this scam. Soft rugs are performed when a group (of developers) hold a big amount of a token and decide to sell everything at once, resulting in the price of the token crashing down. This action leaves other investors with worthless tokens, and thus big losses.
Person scams are usually performed by requesting investors to fill in specific forms with sensitive information such as private keys and seed phrases. By doing so, scammers are able to fully take control of the wallet and proceed to send all the assets to their own wallet. Please note: Never share your private keys or seed phrase with anyone, not even trusted parties.
Another frequently used scam is that the investor is requested via their web3 wallet, in order to buy a token, to give unlimited permission to their smart contract. Once done, even if the investor has managed to retrieve his assets from the farm-/liquidity pool, the scammer is still able to drain the web3 wallet of the investor because of his unlimited permissions. If you want to learn more about revoking smart contract permissions, click here.
Prior to investing into a DeFi farm- or liquidity pool, it is wise to conduct some research to verify if the platform and/or its pools are legit.
Whenever you come across a pool of interested, make sure you perform the following steps:
Due to DeFi being permissionless, the amount of scams have increased drastically. However, If you know what to look out for, you can reduce most of the risks. By sticking to more popular DeFi protocols such as Pancakeswap or Sushiswap and popular tokens such as ETH, BNB, BUSD, BTCB or Cake, you can get used to the DeFi space without high chances to get scammed.
Save my name, email, and website in this browser for the next time I comment.