Data from Chainalysis shows that illicit addresses received over $14 billion in crypto in 2021. Given that the cryptocurrency market is back near the $2 trillion mark, scammers are preparing for a new round of high-level fraud schemes with no end in sight.
This is where Microsoft comes in as the company revealed its own step-by-step manual on how to avoid scams in the crypto market. Cybersecurity experts at the Redmond-based company encouraged Web3 projects to increase "usability" to help users perform the following actions:
- Check the smart contract you are interacting with. Is the address correct? Microsoft says this is an area where wallet providers like MetaMask, Blockchain.com, or Coinbase Wallet can add an additional layer of security.
- Has the smart contract been audited?
- Has the smart contract been implemented as a proxy? This means that the developers can deploy fixes if any bugs were identified.
- Does the smart contract have capabilities such as pause/unpause? Under what conditions are these triggered?
- What are the security characteristics of the smart contract after deployment?
- Manage cryptocurrencies through multiple separated wallets to diversify the risks of losing the funds.
Microsoft noted out it is vital for conscientious blockchain developers to verify their smart contracts through an independent audit. After deployment, the company says developers should spend some time to prevent or limit an exploit draining funds.
Developers should also document all the audits in a dedicated section on the project’s website so that users could verify the level of the security themselves.