Thanks to Taylor at MyEtherWallet for this
So you got a message on Telegram or Slack, someone tweeted about hot new token sale. Keep your finger calm – don’t click. Go to your browser and google what you saw: the name of the token + “token contribution” or “ethereum” or “token”.
2. Check the URL. Is it the same as the message received?
Okay….but how do I know this is the right URL?
3. Token name + “twitter” – Google is your friend again
4. Check out the Twitter. Everything looking good still?
Important thing to check on Twitter is the URL mentioned in the profile bio and the USERNAME of the account. Be wary of weird things like _ or captial-i’s that look like l’s or O’s that look like 0’s. This indicate a scammer.
Don’t use number of followers as a metric – you can buy a bunch of those on blackhat markets. Also, number of images, tweets and the name of the Twitter account are easily cloned by fake accounts. Just ignore those.
If you have followers in common with that account – that is a good sign! The URL they provide match the URL you were on earlier. So let’s get the address…..
5. Check out the address on etherscan.io
….and let’s check the comments on Etherscan.
Does it have any comments? Are they all angry people who had their funds stolen?
Or is there some add’l verification that this is legit? Again, never rely on a single comment — this adds to the fact that all this information is consistent & correct.
6. And always make sure you are on the correct MyEtherWallet, too!
And finally, when you go to contribute, make sure you are on a legit version of MyEtherWallet.com (https://www.myetherwallet.com/)
Check the URL. Check the SSL. Check the v184.108.40.206 (for district0x only). Don’t rely on the version number, but its another good way to easily spot a scam site.
Check the address. Check the AddressIcon (the colorful blob of colors that corresponds to your address. It is an easy way to see if the address matches across two places.)
In this case, district0x’s is kinda pinky-yellow and the address starts with 0xF80.
Oh, and now the URL on MyEtherWallet displays on load & node-change. This is another easy reminder to let you know if you are on a scam site.