In the world of Web3, anyone can fall victim to scams, regardless of their experience. In this article, I share my experience and lessons to help others avoid similar pitfalls.
How It All Started: The Social Engineering Trap
My story began on March 13, when I received a Telegram message from a seemingly trusted connection inviting me to speak on a podcast. This was the first red flag, as their account had been compromised. The project, NexVoo, looked suspicious, yet the scammers were smart enough to gain my trust by offering realistic topics and rescheduling our meetings several times.
The Malware Hack
On March 18, I was sent a Talksy link with a meeting code and instructions to download an app. Despite my hesitation, trust in whom I thought was a friend led me to proceed. After launching the app, nothing happened, and only later did I realize it was the calm before the storm. The next day, I learned that my wallets were being drained live.
What I Did Wrong (and What You Can Learn)
I made several mistakes that cost me my funds. I was unaware of warnings about the account compromise and failed to verify sources. I acted too slowly, and kept assets in hot wallets. On the other hand, I swiftly reset my PC, used my phone to change passwords, and transferred remaining assets to safer places. It's crucial to share this experience to help others avoid similar situations.
This experience reminded me of the importance of community in Web3. Despite the lurking threats in this field, support and mutual assistance remain crucial. I hope my story helps others avoid making the same mistakes.
