Security basics: phishing, approvals, and MEV
Most losses come from phishing and user mistakes—not from “the protocol being hacked”.
Phishing
- Lookalike domains and search ads.
- Fake “support” asking for seed phrases.
Approvals (allowances)
Unlimited approvals are like blank checks. Use smaller limits when possible and periodically review allowances.
MEV and sandwiching
Sandwich bots profit from the price movement your trade allows: a high slippage tolerance and thin liquidity make worse execution more likely. Mitigate with deeper pools, smaller trades, and a slippage setting no larger than the trade actually needs.
Browser and wallet hygiene
- Use a dedicated browser profile for crypto activity.
- Prefer hardware wallets for larger balances.
- Keep extensions minimal and up to date.
Social engineering is the real “hack”
Most scams are conversational: fake support, fake airdrops, urgent messages, and impersonation. Slow down and verify.
Approvals vs signatures
Not every prompt is a transaction. Sometimes you sign a message. Some signature schemes (like “permit”) can grant spending permission without an on‑chain approval transaction. Treat signatures with the same seriousness as approvals: read what you’re signing and who benefits from it.
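The two prompts described in the Approvals and Approvals vs signatures sections can be triaged before you confirm them. The following is an added example, not code from the original page or from any wallet; it decodes an ERC-20 approve() call and an EIP-712 Permit payload and flags an unlimited amount, an unexpected spender, or a far-future deadline. Addresses, the Permit payload and the timestamps are constructed placeholders.

```python
# Added triage helpers for the two wallet prompts discussed above (example code).
import json

APPROVE_SELECTOR = "095ea7b3"   # first 4 bytes of keccak256("approve(address,uint256)")
UINT256_MAX = 2**256 - 1        # the "unlimited" allowance value many dapps request

def decode_approve(calldata: str) -> dict:
    """Decode approve(spender, amount) calldata given as a 0x-prefixed hex string."""
    data = calldata.lower()
    data = data[2:] if data.startswith("0x") else data
    if data[:8] != APPROVE_SELECTOR or len(data) != 8 + 64 * 2:
        raise ValueError("not an approve(address,uint256) call")
    spender = "0x" + data[32:72]            # address sits in the low 20 bytes of word 1
    amount = int(data[72:136], 16)          # word 2 is the allowance
    return {"kind": "approve", "spender": spender, "amount": amount, "deadline": None}

def decode_permit(typed_data_json: str) -> dict:
    """Pull spender, value and deadline out of an EIP-2612 style Permit typed-data payload."""
    typed = json.loads(typed_data_json)
    if typed.get("primaryType") != "Permit":
        raise ValueError("not a Permit message")
    msg = typed["message"]
    return {"kind": "permit", "spender": msg["spender"].lower(),
            "amount": int(str(msg["value"]), 0),      # accepts decimal or 0x-hex strings
            "deadline": int(str(msg["deadline"]), 0)}

def risk_flags(decoded: dict, expected_spender: str, now: int, max_window_s: int = 3600) -> list:
    """Return the reasons a prompt deserves a second look before confirming."""
    flags = []
    if decoded["amount"] == UINT256_MAX:
        flags.append("unlimited allowance")
    if decoded["spender"] != expected_spender.lower():
        flags.append("spender is not the contract you intended to use")
    if decoded["kind"] == "permit" and decoded["deadline"] - now > max_window_s:
        flags.append("permit deadline far in the future")
    return flags

# Constructed sample prompts (placeholder addresses, not real contracts).
ROUTER = "0x" + "11" * 20                    # the contract the user meant to approve
SAMPLE_APPROVE = "0x" + APPROVE_SELECTOR + "00" * 12 + "11" * 20 + "ff" * 32
SAMPLE_PERMIT = json.dumps({
    "primaryType": "Permit",
    "message": {"owner": "0x" + "aa" * 20, "spender": "0x" + "33" * 20,
                "value": str(UINT256_MAX), "nonce": 0, "deadline": 4102444800},
})

if __name__ == "__main__":
    print(risk_flags(decode_approve(SAMPLE_APPROVE), ROUTER, 1700000000))
    print(risk_flags(decode_permit(SAMPLE_PERMIT), ROUTER, 1700000000))
```

The approve sample only trips the unlimited-allowance check, while the Permit sample trips all three, which is the pattern the "sign multiple prompts" airdrop pages rely on.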
High‑risk patterns
- “Airdrop claim” pages that ask you to connect a wallet and sign multiple prompts.
- Support accounts that ask for screen sharing or remote control.
- Urgent messages that push you to act fast.
Safer workflow
- Bookmark important domains.
- Verify token addresses.
- Use limited approvals where possible.
- Review old approvals periodically.
Wallet confirmations: what “looks normal”
For a standard swap, you typically see either an approval transaction (first time for a token) or the swap transaction itself. If you see unusual prompts — repeated signatures, unknown contract interactions, or requests that don’t match your action — stop and investigate.
Reduce blast radius
- Use a separate wallet for experimentation.
- Keep your main funds in a “cold” wallet you rarely connect.
- Limit approvals and revoke ones you no longer need.