No matter how safe one tries to be in the crypto space, there are always security risks. Bad actors or hackers try to steal your crypto and NFTs via scams, phishing attempts, and malware. If your cryptocurrency or NFT is stolen, it is extremely tough to get those assets back, if not downright impossible. Therefore, the onus to protect your assets is on you.
Here are some ways to proactively protect yourself on Async, in our Discord, and in the wider Web3 space.
Have a strong password
A strong password should be at least 12 characters long, and contain letters (both upper and lower case), numbers, and special characters. Best practices for passwords include not sharing this with anyone and having a different password for each different site or application. When possible, always use two-factor authentication.
Reminder: Never share your seed phrases/private keys with anyone. They are called private for a reason.
Don’t answer private messages from Async
Async will NEVER contact you privately or DM (direct message) you on Discord under any circumstances. If you see a friend request from someone claiming to be associated with Async, ignore it, as this will not be one of us. In fact, we suggest turning off DMs for all Discord channels as an extra precautionary measure. If you wish to contact us, the best way to do so is to open up a support ticket on Discord.
Never click on links
NEVER click links in DMs or public channels on the Async Discord. This applies to DMs and links on other platforms, such as Twitter and Instagram, and those in emails. Messages containing links that seem legitimate continue to be the most common way for hackers to try and steal your assets.
Only mint on the official Async website
The only official website for Async is https://async.art/.
Async will NEVER have stealth mints or secret sales. We do not engage with any offers of this kind. All drops are scheduled and announced before their drop date. You will never see random drops on our website or on social media channels. Scheduled pre and public sale dates can be located on a Blueprint’s minting page.
Recommended extra precautionary measures
Do not keep all of your funds and NFTs in one wallet. Spread your assets across multiple wallets for added security.
Have a single wallet used for purchases, another wallet for selling, and a vault wallet for long-term storage.
Store the seed phrase and private keys securely using paper or metallic imprinted cards in separate locations.
Use only known and secure Wi-Fi networks. A VPN (virtual private network) may be useful.
I’ve been hacked. What can I do?
It may be possible that even with all the measures above, you have fallen victim to a scam and been hacked. If so, please do the following:
Do not move more assets into the wallet
As the hacked wallet/account is now compromised, we recommend not to move any further funds or assets there. The hacker may still have access to your wallet and continue to steal its contents.
Contact Async immediately
Reach out to Async in a support ticket. On our end, we will mark your account as “[COMPROMISED]” in an effort to let others know not to interact with it. We can remove your email from the older account to make it available to you again but we won’t be able to transfer your assets over unfortunately.
Inform other marketplaces
If NFTs have been stolen, reach out to OpenSea and other marketplaces to let them know that these are stolen assets.
Create a new Async account
Make sure to use a new wallet address and password.
See also: General Async safety & security