In recent days, several horror stories have sprang up on Twitter regarding users losing their apes and crypto wallets to scams.
Crypto Twitter celebrity, fvckvender was the victim of a SCR file scam and got his entire Metamask wallet stolen and several Bored Apes were purchased on Opensea for less than a few US dollars.
For many people in the Bored Ape Yacht Club community, their ape is their first NFT. This means that many apes are new to the whole idea of crypto security.
The Bored Ape Gazette sat down with Twitter user RDM_41, Bored Ape #9449 known as Baloo to discuss crypto security and safety precautions that every ape should be taking.
Baloo has been deep into Ethereum for about a year and purchased his first crypto currency in 2017. Baloo has never personally had an issue with any scams and he credits that to the safety measures he has taken to protect himself.
Check out our interview with Baloo below and find out his thoughts on MetaMask mobile vs. desktop, email phising scams and other ways you can avoid being a victim.
1.What’s the number one threat to apes accounts?
“The number one threat in my opinion is email links. Email is the largest global security risk the corporations face and the BAYC will be no different."
2. How can apes protect themselves?
“Apes can protect themselves by reading their emails from a device that is not connected to a browser with MetaMask installed. I know this is inconvenient, but all good security is inconvenient.”
3. What are some cold/ hot wallet options for apes that are concerned about safety?
"The absolute best wallets in my opinion are multi sig, social recovery smart contract wallets. Gas in smart contract wallets cost more but it is worth it in my opinion. If you’re going with a hardware/cold wallet then I would go with Trezor. But absolutely only ever buy it from the legit company website. Any 3rd party sale is likely to have security issues including preloaded scripts on the wallet, exposure of private keys, etc."
4. Is metamask a safe place to store your ape and nfts? If not where should apes store things?
“Yes MetaMask is safe to the extent you pay attention and you are safe. These MetaMask looking signature links are very scary to me. There are going to be so many normal people that would fall for this. Hackers have mainly targeted high end individuals with this so it must be a time consuming hack to pull off but it’s a very scary one to me. Always need to pay close attention when signing a MetaMask transaction. Ultimately yes MetaMask is safe, but the analogy I would use is MetaMask is a vehicle & like a vehicle in real life if you don’t pay attention you can get hurt & you might blame MetaMask but the truth is you were the security vulnerability not MetaMask.”
5. I’ve been told lots of apes do everything on their iPhone. Is metamask on an iPhone safe? How specially can apes protect themselves while on their phone?
"MetaMask on the phone is safe. Apes may feel more safe on the iPhone because they are in the Apple ecosystem which is much less prone to security issues. Another reason mobile works well is downloading & running executable files (like the one that got fvckvender) is much more difficult. Also as far as how apes can protect themselves on the phone using MM, don’t click links you are unsure of, don’t use MM on the same phone/device/computer that you use your email on, & consistently disconnect from unused sites that your MM wallet is connected to."
7.When you say don’t use email and Metamask on the same device, does that just mean not using email in MetaMask browser or not using any type of email app on the same phone as your metamask?
"Not using any type of email app on the phone that you also use MetaMask on. Also it would be way worse to use email in the MM browser than just use an email app on the phone but both are potential security vulnerabilities. Absolute most security is to avoid email at all costs due to phishing scam links that happen often. It’s a much bigger problem on a desktop which is another reason apes might prefer mobile, but honestly another concern on mobile is using android. There are plenty of fraud apps in the google play App Store vs the iPhone App Store is much more secure."
6. How would you recommend apes keep their seed phrase safe?
"Seed phrase is a tough one, lots of good ways to do it, I’m not a fan of paper, much more a fan of something like https://simbit.com. I have something similar to this at my house. The one tip here would be don’t ever order one of these devices from a website that makes you put in your private keys to the website. You should order a kit and build out the private keys yourself. They will send a full kit with multiple copies of the alphabet on sheets of metal for you to ouch yourself and build the private key storage device with your private keys."
Do you have any other tips?
"One thing you didn’t mention is running at least two wallets is a good plan as well. One multi sig smart contract wallet to hold long term hold funds & MetaMask for NFTs and small amount of liquidity.
The Bored Ape Gazette believes educating apes on the importance of crypto security is crucial to the BAYC community. We will continue to do these safety talks with community members because keeping apes NFTs and cryptocurrencies safe should be everyones top priority.