From Fake Banksys to Rug Pulls: The Risks of DeFi and How to Keep Safe

“Not your keys, not your tokens.” How many times have you heard this piece of advice within the crypto community? It may become repetitive, but becoming your own bank also involves doubling down on security to avoid internal and outside risks. Crypto’s novelty still comes attached to some security challenges, while the barrier to setting up a fully secure operation is also high for individual traders.

As a result, crypto suffers from new hacks, phishing attacks, rug pulls (inside robberies), fake websites, scam ICOs, and even fake deaths. With the rise of decentralised finance (DeFi), it is natural that hackers and mal-intentioned parties start looking at this new sector as a prime target for their illegal endeavours. If that’s almost inevitable, how can you protect yourself, and what risks should you consider? Let’s find out.

Be Aware of the Risks in Crypto and DeFi

In 2020, digital hacks and online attacks generated more than $1.9 billion in losses for individuals and companies. Nevertheless, losses are falling as crypto markets mature, bringing improved security systems and new regulations.

DeFi’s novelty within the crypto sector and its open mantra lead to an additional challenge for individuals and protocols to reach a balance between their decentralised offering and the centralised security architecture to prevent attacks. Hackers are constantly improving their information penetration mechanisms and coming up with new ways to steal private keys, personal information, and, ultimately, crypto assets.

Until June this year, more than $400 million had been stolen in DeFi-related attacks. In August, a famous hack jumped to the first page of the news, with a hacker exploiting a security issue in a DeFi protocol and stealing more than $600 million. Protocols and companies still have a long way to go, but for users, whether traders, long-term investors, or DeFi/NFT enthusiasts, there are a few things that can be done to avoid this.

Which signals should you look for to avoid being part of the statistic?

Be Your Own Vault!

Delving into crypto and DeFi requires taking on security measures and staying attentive to outside threats as you move from one exchange, dApp platform, game and DeFi protocol to another.

Firstly, it’s good practice to set up entirely different, and hopefully AI-generated, passwords for each exchange and crypto platform that you use. Users can manage passwords with decentralised solutions; however, the best practice is to store written records, while also finding suitable storage and locations for them. Users can also keep data stored offline on USB devices; however, if a computer is phished or exploited in any way, the data may still be visible when the device is plugged in and accessed.

The same is true when you set up private keys for wallets like Metamask and others, which are essential when transferring or withdrawing funds from an online (i.e., hot) environment to cold storage. It is advisable to keep your private key in the most secure place you can find, while also making duplicates so that backups exist should something happen at one of the storage locations. This will ensure there is a solution at hand and minimize the risk of losing your private keys.

Finally, if you’re a long-term crypto user, consider transferring funds to a cold storage solution (e.g. Trezor). If you’re an active trader, it becomes more difficult to use cold storage as a good portion of your portfolio is on exchanges most of the time. However, try to spread funds across platforms while keeping strict log-in security measures (e.g. two-factor authentication).

Be on the Lookout for Signals

Beyond the security procedures that you can set up to prevent hacks to your wallets and funds, there are a few things users should pay attention to daily. In crypto and DeFi, some phishing attacks occur whereby hackers set up indistinguishable websites for popular platforms (e.g. Binance, Metamask). In those cases, you should always check the domain and its URL (i.e. it must have “HTTPS” before the domain). If you frequently use these platforms, you might forget to check these details, but they make all the difference between being at a secure site and being phished.
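The domain-and-URL check described above can be automated. The following is an added example, not part of the original article: it requires HTTPS, then compares the host against a small allowlist, since a lookalike site can also be served over HTTPS. The allowlist entries and the typo threshold of 2 are assumptions for illustration, and the sample URLs in the comments are constructed.

```python
from urllib.parse import urlsplit

# Assumed allowlist: hosts the user has verified once and bookmarked.
TRUSTED_HOSTS = ("binance.com", "metamask.io")
MAX_TYPO_DISTANCE = 2  # assumption: how close a host must be to count as a lookalike

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, trusted=TRUSTED_HOSTS):
    """Return (verdict, reason) for a link before it is opened."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme != "https" or not host:
        return "reject", "not an HTTPS URL"
    if parts.username is not None:
        # e.g. https://binance.com@login.example/ really goes to login.example
        return "reject", "text before '@' is not the host"
    for t in trusted:
        if host == t or host.endswith("." + t):
            return "ok", t
    labels = host.split(".")
    if any(label.startswith("xn--") for label in labels):
        return "reject", "punycode host can render as lookalike characters"
    for t in trusted:
        # Compare the host's last labels with the trusted domain (typo-squats).
        tail = ".".join(labels[-(t.count(".") + 1):])
        if edit_distance(tail, t) <= MAX_TYPO_DISTANCE:
            return "reject", "lookalike of " + t
        # Trusted brand name used inside an unrelated domain.
        if t.split(".")[0] in host:
            return "reject", "brand name of " + t + " inside a foreign host"
    return "unknown", "host is not on the allowlist"
```

An "unknown" verdict means only that the host has not been verified yet; it is not a sign that the site is safe.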

Additionally, be suspicious of “too good to be true” campaigns: for example, airdrop campaigns worth thousands from a very recent company with no social reputation and sketchy onboarding procedures (e.g. simple Google Docs, asking for donations). It may well be “too good to be true”.

With the rise of NFTs, another similar trend to the fake airdrops is surging, involving fake clones of digital art pieces. Fraudsters create NFTs related to famous artists and pop culture personalities to draw attention and sell NFTs that have no real connection to those artists or are just clones of existing pieces. The only purpose of attaching famous people to the pieces is to attract mainstream audiences, gather personal information, and steal funds. Recently, hackers tried this approach with Banksy-related NFTs, while the list goes on for other personalities (e.g. Andy Warhol).

The Path Forward: Development, Innovation & Security

With NFTs getting mainstream, it is natural that hackers and scammers shift from attacks on centralised parties to the tools enabling the DeFi emergence. However, new decentralised solutions with copyrighting at their core, to prevent frauds, more security measures implemented by platforms, and the increasing regulations in the sector, all work in favour of a more secure landscape in the future. On a personal side, if you also follow these security tips, you’ll be much safer while the development and innovation of the sector continues, evolving to the point where attacks have less impact.

Staking dApp & NFT Raffle

Speaking of DeFi and NFTs, make sure to check out the $BURP staking guide, which helps walk users through connecting into Web3. You can have the chance to win some of the first series of generative NFTs by getting involved in the NFT Raffle. Through staking on you can win raffle tickets — longer stakes can earn multipliers to earn more raffle tickets — and be in with the chance to win some of the MealDrops NFTs!

Stay up to date with everything by following the channels and joining the social communities!

About $BURP

$BURP is the official token of the $BURP ecosystem of products including but not limited to non-custodial token management, staking mechanisms, NFT raffles and swap-fee rewards via $BURPback.

Important Information

Cryptocurrencies and crypto tokens are generally not regulated and investors do not have access to recourse or compensation schemes such as, for example, in the UK, the Financial Ombudsman Service or the Financial Services Compensation Scheme. Investing in cryptocurrencies and purchasing crypto tokens can be high risk and investors should carefully evaluate their appetite for risk and their understanding of trading cryptocurrencies prior to entering into a transaction.



Cryptocurrencies are unregulated in the UK. Gains are subject to taxable charges. Cryptocurrency can be highly volatile. Capital at risk.
