//The Recent Flood of AirDrops

The Recent Flood of AirDrops

As I suspected, it seems that many of this huge flood of AirDrops are ploys. Their goal is to get your emails/and or passwords when you sign up for them. Many are hoping you reuse the same email and password combo for websites such as:

  • Your email provider (Google, Yahoo, etc)
  • Bittrex
  • Poloniex
  • Any exchange and account of value

I sure hope you are not doing this and are using something such as LastPass to manage complex passwords and have 2nd Factor Authentication (Android, iOS) enabled on everything you possibly can. Yes 2FA is a pain in the ass. Is keeping your crypto safe worth a little inconvenience?

Many of these low quality AirDrops seem to have little substance, few plans, and no information available. The sites want you to provide an email and ETH/WAVES address to get you ‘hooked’ in their network. More will require you to register on their website, join their slack, telegram, etc. From there they can attempt to gain access to your email account by reusing your entered email/password from your registration on their site (if required).

Telegram and Slack are growing targets with scams and phishing links being spread like wildfire, especially those that target getting users to provide the scammers with the MyEtherWallet private key or UTC keystore file. From there the accounts would be either A) drained immediately or B) monitored and drained when convenient. The following image is a screenshot of a common Slack MEW scam. Please do not fall for these!