As the online space develops, so too do the tactics of bad actors. What started as simple phishing emails has now evolved into more complex scams, including fake contract addresses, impersonation, and even AI-generated content. Recently, there has been a significant increase in X account hacks, sometimes targeting high-profile figures. These hacks are often used to disseminate fraudulent links and fake token offerings, leading to potential financial losses.
The most effective defense against these threats is vigilance, awareness, and skepticism. By familiarizing yourself with VeeFriends’ launch practices, understanding the tactics used by scammers, and learning how to properly verify information, you can greatly minimize the risk of falling prey to these schemes.
At VeeFriends, we strive to uphold the highest standards of transparency when launching new releases. We want our community to feel informed and secure every step of the way.
We do not engage in stealth drops. If VeeFriends is launching a new initiative you will be informed well in advance. These announcements will be heavily promoted across our official channels, including our verified X account, Discord, Instagram, blog, email, and website — often times with Founder, Gary Vaynerchuk promoting on his official channels. There will be no surprise or secret launches — only clear, open communication.
Given the rapid pace of the online world, and especially the onchain space, we urge you to always verify any new offerings before engaging. Scammers are quick to exploit FOMO (Fear of Missing Out), but by staying vigilant and double-checking the authenticity of information, you can protect yourself from malicious actors.
1. Verify Contract Addresses and Links
The recent hack is a clear example of the danger in interacting with fake contract addresses. If you come across a token shared from an unverified source — especially a social media account that hasn’t been confirmed as official — do not engage. Always verify contract addresses through official VeeFriends channels, such as our verified X account, website, or Discord.
We recommend checking all of VeeFriends’ official communication channels and reaching out to the team directly if you’re ever uncertain about the authenticity of a post.
Steps to verify a contract address:
Check multiple official sources. Always verify any announcements through all official channels and sources. If you only see an announcement from a single source and not across all sources, along with an announcement that seems suspicious, more often than not it is fake.Use trusted block explorers like Etherscan to verify contract addresses.Never click on links sent via DMs or unsolicited messages. Always double-check the URL for any signs of misspellings or impersonation.
2. Be Aware of Phishing and Spoofing Scams
Phishing scams have grown increasingly sophisticated. Hackers are now sending emails and messages that look legitimate, often appearing to come from trusted sources like VeeFriends or GaryVee. These messages typically contain malicious links designed to steal personal information. Spoofing is another common tactic, where attackers use email addresses or profiles that appear legitimate but are slightly altered to deceive you.
How to avoid phishing and spoofing:
Double-check the sender’s email address. Official emails from VeeFriends will always come from a @veefriends.com domain. Be cautious of slight discrepancies in the email address or domain name.Take your time. Scammers thrive on creating urgency. If something feels too good to be true or too rushed, it probably is.Verify claims across multiple platforms. If VeeFriends launches anything, it will be communicated across all of our official channels — never just through email or DMs.
3. Beware of Fake Social Media Accounts
Scammers frequently create fake social media profiles impersonating VeeFriends or GaryVee. These accounts may appear similar at first glance, but they can often be identified by the absence of a blue (or gold) verification checkmark or slight variations in their profile name.
What to do if you encounter a fake account:
Report the account. If you spot a fake account, report it immediately through the platform’s reporting tool.Never trust unsolicited DMs. Official VeeFriends accounts will never reach out to you via DM regarding investments, minting, or whitelists.
4. AI-Generated Impersonation Scams
An emerging threat in the online space is the use of AI to impersonate voices, videos, and written content. Scammers have used AI technology to imitate GaryVee’s voice and videos, attempting to gain trust and manipulate users. This form of scam is particularly dangerous because it can be hard to tell the difference between genuine and AI-generated content.
How to protect yourself from AI impersonators:
Stay skeptical. If you receive an unexpected message or invitation that seems too personal or too good to be true, pause and verify its authenticity.Understand communication channels. VeeFriends and GaryVee do not use platforms like Telegram for official communications. Any invitation to a Telegram group claiming to be affiliated with VeeFriends should be treated with caution.
5. Telegram Scams: VeeFriends Does Not Use Telegram for Official Communications
VeeFriends does not use Telegram for any official communications. Any invitation to a Telegram group claiming to be affiliated with VeeFriends should be treated with caution. Scammers often impersonate brands or community leaders in Telegram groups to manipulate and deceive users.
If you come across a Telegram group or message that claims to represent VeeFriends, do not click on any links and avoid interacting with any members until you’ve verified the legitimacy of the group. Official communications from VeeFriends will never direct you to a Telegram group, nor will we ask for personal information, investments, or other sensitive details through the platform.
Here are some key safety tips for navigating Telegram:
Do not click on links in unsolicited messages or invites. These links can lead to phishing websites or malicious content. Always verify the source before interacting with any link shared in a message.Double-check the verification terminal. Verification should never ask you to input your Telegram login credentials to join or access a chat. If you’re prompted to log in again to “join the group,” that’s a major red flag!Enable Two-Factor Authentication (2FA) for added security. This extra layer of protection makes it harder for malicious actors to gain unauthorized access to your Telegram account. Always set up 2FA for your Telegram account to ensure that even if someone gains access to your password, they won’t be able to take control of your account.
Always be cautious when interacting with Telegram groups or messages that claim to be related to VeeFriends. If you are ever in doubt, reach out to us through our verified official channels to confirm the legitimacy of any communication.
As the onchain and online spaces evolve, so do the threats to your security. Implementing strong security practices is crucial to safeguarding your assets and personal information. Here are some best practices to follow to ensure your security is as robust as possible:
1. Use a Hardware Wallet
A hardware wallet is one of the most secure ways to store your assets. It keeps your private keys offline, significantly reducing the risk of being hacked. Unlike software wallets, hardware wallets are less vulnerable to malware, phishing attacks, and other online threats.
Action Item: Invest in a reputable hardware wallet, such as a Ledger or Trezor. Use it for storing valuable NFTs or cryptocurrency that you don’t need to access frequently.
2. Separate Your Wallets
Using a single wallet for everything exposes you to higher risk. A safer approach is to separate your wallets based on their use. For example, you should use a “hot wallet” for interacting with websites, minting, and trading, while keeping your more valuable assets — like NFTs or long-term holdings — in a “cold wallet.”
Action Item: Create multiple wallets for different purposes. Store high-value items (such as rare NFTs or large amounts of cryptocurrency) in a cold wallet, which stays offline and is less susceptible to attacks.
3. Disconnect Your Wallet Regularly
Once you finish using a site or service, make sure to disconnect your wallet from it. Leaving your wallet connected to untrusted sites increases your risk of malicious access.
Action Item: Always disconnect your wallet after using it for transactions or minting. Many wallet services allow you to easily disconnect by going to the “connected sites” section of your wallet app.
4. Revoke “Set Approval For All” Permissions
The “Set Approval For All” feature allows platforms and smart contracts to access your tokens. However, if you no longer need these approvals, it’s best to revoke them. This prevents any platform or contract from being able to access your assets without your permission.
Action Item: Use trusted platforms like Revoke.cash to check which smart contracts have approval to access your tokens. Revoke any unnecessary or outdated permissions to ensure no one can access your assets without your knowledge.
5. Enable Two-Factor Authentication (2FA)
Two-factor authentication (2FA) adds an extra layer of security to your accounts by requiring a second form of verification — usually a code sent to your phone or email — before you can access your wallet or other services.
Action Item: Set up 2FA on your wallets, exchanges, and any other platforms that support it. This step adds an additional layer of protection against unauthorized access.
6. Back Up Your Seed Phrase and Private Keys Securely
Your seed phrase and private keys are the keys to your wallet. If these are lost or stolen, you could lose access to your assets. Never store them digitally or online. Instead, keep them in a secure physical location, such as a safe.
Action Item: Write down your seed phrase and private keys on paper and store them in a secure place, like a safe deposit box. Never share these details with anyone, and avoid storing them digitally.
7. Be Cautious with Links and Downloads
Phishing attacks often rely on users clicking malicious links or downloading files from untrusted sources. Be especially cautious with links sent via email, DMs, or social media. Always verify the source before clicking.
Action Item: Avoid clicking links in unsolicited messages. Instead, go directly to official websites through bookmarks or trusted search engines. Never download files from unknown or suspicious sources.
8. Keep Your Software and Devices Up to Date
Many cyberattacks exploit vulnerabilities in outdated software or operating systems. Keeping your devices and software updated ensures that you are protected against the latest security threats.
Action Item: Regularly update your device operating system, wallet apps, antivirus software, and any other tools you use to interact.
