I was recently #scammed and lost my #CloneX (@RTFKTstudios).
I've noticed a significant uptick in scams recently, so using my anecdote to help educate others🧵
Stay safe people!
I've noticed a significant uptick in scams recently, so using my anecdote to help educate others🧵
Stay safe people!
TL;DR (1):
1. Never assume the scammer is acting alone
2. If you're going to use Sudoswap or NFTTrader, make sure the right URLs are used
3. Always corroborate a Discord channel with the official website and Twitter page to make sure it's legit
1. Never assume the scammer is acting alone
2. If you're going to use Sudoswap or NFTTrader, make sure the right URLs are used
3. Always corroborate a Discord channel with the official website and Twitter page to make sure it's legit
TL;DR (2):
4. If the person mentions screensharing at any point, be weary. Likely an attempt to get you to reveal your seed words.
5. Similar to above, never be convinced to change your language within Metamask. Likely an attempt to get you to reveal your seed words.
4. If the person mentions screensharing at any point, be weary. Likely an attempt to get you to reveal your seed words.
5. Similar to above, never be convinced to change your language within Metamask. Likely an attempt to get you to reveal your seed words.
TL;DR (3):
6. If it's late and you're exhausted, wait until the next day. Your judgement will be clouded, you'll be rushed and you're more likely to make a bad call
7. Listen to your gut. If you're getting the feeling something is off, WALK AWAY!
6. If it's late and you're exhausted, wait until the next day. Your judgement will be clouded, you'll be rushed and you're more likely to make a bad call
7. Listen to your gut. If you're getting the feeling something is off, WALK AWAY!
Here's what happened:
Very elaborate scam. 2-3 people involved
2AM - Someone reached out to me to buy my Clone VIA Sudoswap
Settled on a price and he agreed I can set up the trade (to me this was a green light that they were legit, as they were letting me set-up trade on Sudo)
Very elaborate scam. 2-3 people involved
2AM - Someone reached out to me to buy my Clone VIA Sudoswap
Settled on a price and he agreed I can set up the trade (to me this was a green light that they were legit, as they were letting me set-up trade on Sudo)
I set-up the trade and sent him the Sudoswap link and he sent me a screenshot with an error message at the top that looked like this: 
I'd never seen that error before. I tried a few more times and he kept saying he got that error.
So I typed in the Discord link it mentioned and joined the Sudoswap Discord which turned out to be fake.
I spoke to a fake Admin that offered to help us.
So I typed in the Discord link it mentioned and joined the Sudoswap Discord which turned out to be fake.
I spoke to a fake Admin that offered to help us.
He suggested some useless stuff like clearing Cache and closing and re-opening the browser. In reality, that error message wasn't real. It was added to the screenshot to pretend there was an error.
He suggested we jump on a Voice chat so he could walk us through it.
He suggested we jump on a Voice chat so he could walk us through it.
When I got in the call, he asked that the person I was trading with be added as well. This is when it became a real 2 VS 1 social pressure move.
He then asked us both to screenshare with him so he can see firsthand where the issue is.
He then asked us both to screenshare with him so he can see firsthand where the issue is.
He asked the other guy to start the trade this time, which was blank (i.e. set-up with no assets on either side). The "admin" claimed there was a sync issue with Metamask causing the problem.
To "re-sync", he suggested we change our MM language
To "re-sync", he suggested we change our MM language
Once changed, he told us to navigate to "Account Details" and "Export Private Key". Given it was another language, it was not possible to identify that this is what he was asking me to do.
Exporting requires entering your password. This sketched me out!
Exporting requires entering your password. This sketched me out!
Entering my password within MM settings was a red flag. I told them I wasn't comfortable and they quickly responded with "No problem. There's another solution - it may not fix your problem going forward, but at least you can get the trade done".
I wish I had changed my language back to English at that point... I would have seen they were trying to get me to reveal my seedwords and would have known right away it was a scam. But alas...
The second "solution" was for the Admin to set-up the trade for us.
He sent a website that looked exactly like sudoswap.xyz (official website), except the URL was sudoswaps.xyz. When I asked him about it, he said that it was the administrative back-end...
He sent a website that looked exactly like sudoswap.xyz (official website), except the URL was sudoswaps.xyz. When I asked him about it, he said that it was the administrative back-end...
3AM at this point, I was exhausted. The response sounded plausible.
The fake trader that originally reached out to me said that he connected his wallet and accepted the trade without issues this time. Social pressure...
The fake trader that originally reached out to me said that he connected his wallet and accepted the trade without issues this time. Social pressure...
Although I was weirded out by the Sudoswaps URL, in the moment, during voice chat with two strangers that sounded very calm and collected, I made the poor judgement call to accept the swap.
It wasn't a real swap transaction, but rather a simple send transaction. My NFT was sent to the scammer's wallet who then sold it within minutes.
Looking at their transaction history, this group has done this about 20+ times and has earned 100eth in less than 1 month.
Looking at their transaction history, this group has done this about 20+ times and has earned 100eth in less than 1 month.
And that's how it happened...
With scamming being lucrative and hard to trace, I don't expect these efforts to stop. They will only become more sophisticated.
I plan on sharing other attack vectors I'm aware of publicly as well, to continue to help educate.
With scamming being lucrative and hard to trace, I don't expect these efforts to stop. They will only become more sophisticated.
I plan on sharing other attack vectors I'm aware of publicly as well, to continue to help educate.
Unless you are savvy in the space and are hyper alert for scams, just stick with OpenSea or other reputable marketplaces.
I know commissions/royalties add up, but it isn't worth losing your NFT to save 5 - 12.5% fees.
I know commissions/royalties add up, but it isn't worth losing your NFT to save 5 - 12.5% fees.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
