Tips to Stay Safe When Connecting to DApps

Just like a regular app, DApps allow for endless possibilities, with the added benefit of decentralization.

In just a short period of time, we’ve witnessed an explosion of innovation that has created the likes of OpenSea, UniSwap V2, Compound, and NBA Top Shot, just to name a few.

But this exponential rise in DApp development also has its downsides. Just like how crypto markets are chuck-full of scammers, the same goes for the world of decentralized applications. And because of this, every day, more and more people fall victim to fraudulent DApps made by scammers.

By following the tips outlined below, you can mitigate the risk of losing funds by spotting malicious DApps.

Confirm the DApp is legitimate and reputable

Websites like and have information on popular DApp on the market. From there, you can look over the DApp’s on-chain graphs to check if you see anything fishy going on.

Another way to check a DApps legitimacy is by visiting its social media links to see if the creators are active. We recommend only using DApps with active engagement and a good reputation amongst its community.

Lastly, the DApp’s code should be audited by a qualified smart contract auditor, such as CertiK. If the smart contract has not been through auditing, fatal bugs that could compromise your assets are a possibility.

Make sure you’re visiting the correct URL

Scammers will sometime create a fake DApp with a similar URL to try and fool unassuming users. For example, they might use an “o” instead of a “0” or slightly tweak the spelling of a website.

Once their targets are on the fake website, you’ll be prompted to enter your seed phrase, private key, or connect your wallet, giving up access to your assets.

Another method that scammers will use to redirect you to fake websites is by running Google Ads to show up first on Google’s search results.

To avoid visiting malicious URL’s we recommend typing the URL directly in the search bar, or only clicking links that are directly distributed by the team.

Look out for your Phishing Protection Artwork

For all legitimate BlockWallet extensions, your unique Phishing Protection artwork will show up when asked to enter sensitive information like your password. If you do not see your Phishing Protection artwork pop up when connecting to a DApp, do not enter any sensitive information.

Last updated