#空投防骗手册 Identifying Dangerous Signals
1. Fake Websites: Scammers often create fake websites that closely resemble legitimate projects, such as having domain names with only slight differences, like changing “coinbase.com” to “coinbase - official.com”. Meanwhile, the website design is rough, functionality is lacking, and there is no security certificate (no lock icon in the URL bar).
2. Unclear Team: The project team members' information is vague, lacking real names or resumes, or team members have backgrounds unrelated to the blockchain field, with no relevant profiles available on professional platforms like LinkedIn.
3. Suspicious Contracts: Contract code is not open-source, making community audits impossible; or the contract terms have abusive clauses, such as restricting withdrawal times or setting unreasonable high fees.
Verifying Project Legitimacy
1. On-chain Check: Use a blockchain explorer to see if the project's smart contract code is open-source, how the code quality is, and if there are any vulnerabilities; check the total supply and circulation of tokens to see if they match the claims made by the project team.
2. Community Research: Follow the project's official social media (Twitter, Telegram groups, etc.), check community activity and member feedback, and see if professionals are participating in discussions; search for project-related discussions on blockchain forums (like Baibite, Golden Finance Forum, etc.) to understand the community's evaluation of the project.
Common Scam Tactics
1. Fake Airdrops: Scammers claim there are huge airdrops and require users to first transfer a small “activation fee” or “handling fee,” but after the transfer, no airdrop arrives, and they continue to request fees for various reasons.
2. Phishing Link Airdrops: Sending airdrop invitations that contain phishing links, and when users click the link, they are directed to fake wallets or trading platforms, where inputting private keys and other information leads to asset theft.
Examples of Airdrops to Avoid and Reasons
I once received an airdrop invitation named “SuperToken,” claiming that holding this token would increase in value a thousand times in the future. The reasons for avoiding it are as follows: first, the project’s website has no team introduction, and the only contact is an invalid email; second, upon checking the blockchain explorer, its smart contract code is not open-source and cannot be audited for security; third, searching the community yields no professionals discussing the project, and users reported it as a scam. Considering these factors, I judged the risk to be extremely high and chose to avoid it.