Buy, exchange, grow and manage over 5,500 coins and tokens

Shop now Compare wallets

The Classroom

PATHWAY 4. Web3 security essentials

chapter 1/3

Web3 Scams Introduction

Read 5 min
Key Takeaways
— Ledger is committed to providing the best possible security for your keys and funds. However, even the Ledger cannot protect you from certain Web3 risks and dangers.

— Crypto shilling is one of the most prevalent scams in crypto. It involves advertising a fake project or hyping up a project that doesn’t have any potential.

— Rugpulls are another popular risk in the crypto space. The founders hype up the project and when the price of the token rises, they sell their shares and desert the project.

— It is essential to thoroughly research a project before getting involved in it. That is exactly what we are going to help you with.

Ledger hardware wallets are about security – but there are some risks even your Ledger can’t protect you from. In this section, we’ll talk about common Web3 scams tactics, and what you need to be aware of as you explore the space.

Web3 Scams

In Web3, absolutely anyone can start a project and start selling tokens – there is no business check, no regulator, and no code of conduct for crypto projects.

More importantly, since blockchain transactions are immutable, and have no central governing entity, there is no way of getting your crypto back if you do make a bad judgement call. Once it’s gone, it’s gone. That’s why it’s so important to be aware of the different scams in the Web3 space, and how to spot them before they spot you.


Shilling is not a new scam – in fact, it’s as old as trading itself.

When a product or business idea is being “shilled”, it means that an individual is advocating for the idea, but for personal gain. In other words, they may tell you that the project is “A once in a lifetime opportunity!!” or that “You need to buy in now before it sells out!” – making you believe the idea is a great investment opportunity. In reality, it’s not really a great opportunity at all, and the only person who stands to gain from your investment is the Shill.

Well, in the free and easy world of crypto, where anyone can start a project and seek your investment, shilling bogus projects is very common.

What crypto shilling?

Shilling a cryptocurrency can take a couple of forms:

  • It can mean advertising a bogus project (we’ll come back to that)
  • It can also mean a person who is advocating for a project in exchange for a financial reward. (ie, not impartial advice)

In either case, the idea is the same: to generate hype around the project so that unsuspecting people like you and I will buy in.

A little hype can go a long way – the more people invest, the more the demand for the token rises, the more the price increases, and the greater the value of the overall project.

How to spot Crypto Shilling

Crypto shilling may not always be obvious. You might not always find someone saying “Hey! Look at this great token, you should 100% invest in it right now if you want to make money and save the world!.” Instead, it might look like this:

  • The influencer

Not all influencers are on Instagram. In the cryptocurrency scene, you might come across an influential figure like a celebrity endorsing a project.

But the celebrity may not be transparent: they may be getting paid for that endorsement, or have shares in the project themselves. Either way, their advice is not impartial, and will not benefit you – it is driven by self-interest.

The lesson? Always ask why. When an influential figure seems to suddenly turn their attention and advocacy to a cryptocurrency – without any signs of interest in the market before – there’s a good chance they’re looking out for themselves, not you.

  • The project founder

Naturally, the teams behind a cryptocurrency project want the project to succeed – they likely have large shares in it themselves. It stands to reason that they will hype it up so that it gets attention and investment.

But remember – the team has a vested interest in seeing the project succeed. So their advice is unlikely to be impartial.

The lesson? Do your own research. If a team promises to deliver the world and more, cross-check it with their roadmap, whitepaper and other sources such as Etherscan (we’ll come back to this).

Rugpulls – a perfect scam for crypto

Let’s talk now about another type of scam that’s prevalent in crypto.

Rugpulls are exactly what they sound like: someone pulling the rug from under you. In the case of crypto, a rug pull involves a bogus project selling either coins or NFTs, with the promise of a bright future.

As the demand for the project rises, the price of the tokens also increases and so does the overall value of the project. The kicker? There is no future in the project, and the creators know this when they take your money.

Pump and Dump

Once you and other investors have sunk your money into the project (pumped it with crypto), the demand and price of the tokens increase. Then, the creators or founders sell their own shares (dumping) which are now inflated, thanks to all the interest shown by you and the other buyers.

The creators of the project never had any intention of seeing through, and abandon it after selling their shares. You and other investors are left with tokens of a project that no longer exists.

A recent example of this is the alleged SushiSwap (SUSHI) exit scam . The project saw a significant price increase, and its creator, the anonymous Chef Nomi, instantly cashed out $14 million. This crashed the price of SUSHI from over $9 to just over a dollar in less than a week. After extreme community backlash, Chef Nomi eventually sent the funds back. Most rug pulls don’t end that positively.

You are the gatekeeper

In summary, the freedom of Web3 makes it a perfect environment for just about anybody to make any claim they like. Even if your keys are totally safe inside your Ledger Nano, it is still up to you to scrutinize projects before you interact.

Ledger Academy is here to help you with that – we’ll cover it in the next article. For now, here’s a quick overview of how to approach DeFi and NFT projects with healthy skepticism.

How to Avoid Getting Scammed

Before you let someone talk you and your money into a project (no matter how enthusiastic they are) make sure you do the following:

  • Ask yourself why a given person is reaching out to you – could they have an interest in the conversation?
  • Never respond to private messages recommending crypto projects – there is no reason for anyone to contact you privately in Web3.
  • Do your own research (DYOR). Gather the key facts about the project without the subjective buzz.

Knowledge is power

Now you know some of the novel risks you’ll face on Web3, it’s time to read up on how to conduct your own research. Security involves more than just your crypto wallet: it’s also about educating yourself about which questions to ask and how to research the opportunities for yourself. So let’s tackle that next.

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]