In simple terms, a witch attack refers to one person controlling multiple accounts or addresses, masquerading as different users to obtain more airdrop rewards. Project teams usually identify such behavior through on-chain analysis, social mapping, IP detection, and other methods, so we must avoid being detected through account management, on-chain behavior, and social interaction. 🥸
When participating in airdrop projects, we are often required to complete some social tasks, such as following on Twitter, joining Discord, retweeting posts, etc. Here are several key points to help you reduce the risk of being identified as a witch: 🧐
1. Email management🥸
First, manage your emails properly. Each account should use a separate email, such as Gmail or Outlook; do not use the same domain or associated emails. Do not think about registering multiple social accounts with one email, as project teams can easily track you through email associations. Additionally, keep the email active by logging in regularly, sending and receiving emails, to appear as a real user.
2. Social account planning🥸
X account: it needs a bit of 'human touch.' Set up personalized avatars, bios, and background images; do not use default settings. Occasionally post original content or interact with Web3-related posts, such as liking or commenting. When operating, do not be too mechanical; multiple accounts should not simultaneously follow the same project or retweet identical posts, with time and actions staggered.
Dc account: 🥸
Join the project's Discord in advance; do not wait until the tasks are released to rush in. Stay active in the community, participate in discussions, ask questions, and reply to others to maintain a natural presence. Do not let multiple accounts post similar content in the same channel. Additionally, try to obtain roles given by the project team, such as 'Galaxy' or 'Layer3,' to make the accounts appear more credible.
TG account: 🥸
Use a separate phone number; do not let multiple accounts share one number. Stay low-key, only complete the required tasks, and avoid frequent speaking to prevent being linked.
3. Social graph isolation🥸
Do not let your accounts 'visit each other.' Do not let them mutually follow, like, or retweet; otherwise, social mapping analysis can discover in an instant that they are the same person. The follow lists of each account should also be diversified, following different projects or KOLs to simulate real user interests.
4. Fingerprint browser and IP isolation🥸
Use a fingerprint browser, such as MoreLogin, to create independent browsing environments for each account, preventing browser fingerprints, such as Cookies or device information, from linking you. IPs should also be separated; use proxy services to assign different IPs to each account, reducing the risk of detection.
Key points for anti-witch on-chain interaction tasks🥸
On-chain tasks such as trading, staking, and lending are at the core of airdrops. Project teams will analyze on-chain behavior to identify witch accounts, so be extra cautious:
Each account must use a separate wallet address; do not share a main wallet, nor pool funds into the same address. Fund sources must also be isolated; withdraw directly from exchanges, such as Binance or OKX, to each wallet without transferring between wallets, or the on-chain association will expose you. Keep small funds in the wallet to simulate ordinary users, and avoid large centralized operations.
Diversify interactions; do not just perform tasks designated by the project. Participate in various DApps, such as trading on DEX, minting NFTs, etc., to make your behavior look more natural. The operation times of different wallets should be staggered; do not concentrate in the same time frame, or the algorithm can catch you instantly. You can also insert some 'smoke bombs,' such as participating in some low-cost non-airdrop projects, like simple trades or lending, to make the on-chain records appear more real. Wallets should remain active long-term, making small transactions once or twice a week; do not use temporary 'shell' wallets.
3. Avoid suspicious patterns🥸
Do not let multiple wallets repeat the same task sequence, such as using the same amount or calling the same contract; this is too obvious. Avoid batch operations, and do not use multiple wallets to repeatedly call the same smart contract in a short period, as this can be seen as bot-like behavior. Transaction amounts must also be randomized, such as using 0.013 ETH instead of a neat 0.01 ETH.
In general, social and on-chain behavior should resemble that of a real user. Do not focus solely on airdrop tasks; participate more in the Web3 ecosystem, such as following industry trends and participating in community voting. Distribute tasks across different times, devices, and IPs to reduce the risk of being linked. It is advisable to document each account's email, wallet address, IP, and task progress in a spreadsheet to avoid confusion. It is best to nurture accounts in advance for at least 1-3 months, regularly participating in Web3 activities to increase credibility. Avoid using one-time accounts, as they can easily be flagged and affect future airdrop eligibility.
Finally, let’s talk about synchronizers. Synchronizers can help automate the completion of social tasks or on-chain interactions, improving efficiency, but if used improperly, they can easily be identified as witches, resulting in account bans.
1. Social tasks synchronizer🥸
When using a synchronizer for social tasks, such as batch following, retweeting, and liking, pay attention to randomization. Set random time intervals of 5-30 seconds to prevent multiple accounts from operating simultaneously. Comments or retweeted content should have differences, and you can use AI to generate natural text. Do not only do airdrop tasks; insert unrelated actions, such as liking Web3 unrelated posts or joining other communities, to appear as a real user.
When using a synchronizer to batch call smart contracts for on-chain tasks, the transaction amounts should be random, such as 0.0123 ETH or 0.019 ETH; do not use fixed amounts. Set random delays of 10-60 seconds to avoid multiple wallets operating simultaneously. The synchronizer should also simulate human behavior, such as mouse movement and clicking patterns; do not let the actions appear robotic. Wallets must be completely isolated, with no direct transfers or interaction between them.
In short, the core of witch prevention is to make your account and behavior as much like a real user as possible. Randomization, decentralization, and long-term account nurturing are key. With careful planning, you can significantly reduce the risk of being identified while increasing the success rate of airdrops. That's it for now regarding witch attack prevention; see you next time 88