We noticed that there's been an alarmingly increasing number of hacked MetaMask accounts, which is why we have put together 12 tips and a few examples that could help you decrease the chance of being hacked.
Rule #1: Never share your 12 words Secret Recovery Phrase (seed phrase) or private keys
Rule #2: Never DM with someone offering to help.
Rule #3: Never enter your secret seed phrase or private keys into any website online.
Rule #4: Never trust someone asking you to “authenticate your wallet”
Rule #5: Never import to your wallet a private key or a seed phrase someone gave you
Rule #6: DO NOT join discord servers, WhatsApps groups, WeChat groups, Telegram channels, or Twitter DMs. These are all scams. MetaMask does not support these.
Rule # 7: Don't leave your device switched on with connected MetaMask
Rule # 8: Create a dedicated wallet for each project
A few examples:
- There are a bunch of fake swaps. If you try to swap or approve something on them, such transactions, in fact, will go to unstake and will be transferred to scammers' addresses
- Another unusual scam is that you may receive a lot of tokens in your wallet (usually around 50 BNB). If you try to withdraw these tokens, you can lose your whole balance. To put it simply, the approval method in the contract is not actually an approval.
DISCLAIMER: This is a list based on the following source: https://community.metamask.io/t/metamask-extension-accounts-hacked-w-o-keys/5609
These rules do NOT guarantee you to be safe from all of the scammers but they help you be more prepared if that's the case.