Online Safety
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Whag and Web3 Academy Talk Hacks and Phishing Attacks

An overview of the July 24th Twitter Space with Whag and Web3 Academy 2.0.

Whag Team

September 12, 2023

Whag and Web3 Academy Talk Hacks and Phishing Attacks

An overview of the July 24th Twitter Space with Whag and Web3 Academy 2.0. Some quotes have been edited for succinctness and clarity.

Listen to the full podcast here:


On July 24th, Web3 Academy's Twitter Space featured hosts Jay Hamilton, Kyle Reidhead, and Raul Chisluca. They were joined by Sebastian Ornstein, a seasoned Web3 entrepreneur and CEO/co-founder of Whag. The discussion centered on the intricacies of Web3 scams, with a primary focus on identifying, avoiding, and countering the most prevalent cyber threat: phishing links.

The Situation at Hand

Jay, Raul, and Kyle, recounted a troubling incident: the loss of their Lens handle due to a phishing scheme. This Lens handle, boasting over 60,000 followers, was the premier profile on the Lens network, representing a significant asset. The breach transpired when a team member inadvertently clicked a deceptive link, granting a hacker access to their wallet containing the Lens NFT. The team highlighted this two-fold error and advised listeners to employ a 'dummy wallet' when interfacing with Web3 applications. They also emphasized the importance of meticulously examining every link before engaging.

In a proactive move to safeguard their community, the team announced a collaboration with Whag to authenticate links and preempt future phishing attempts. Despite the setback, the team exuded optimism, sharing their vision for Web3 Academy 2.0 and forthcoming innovations.

The discussion proceeded with the Web3 Academy team highlighting typical warning signs of potential phishing:

  • Attackers design duplicate websites mirroring legitimate ones.
  • Malicious URLs subtly differ from genuine sites.
  • These deceptions frequently spread via social media, with culprits possibly investing in ads or fabricating accounts to trick users into accessing counterfeit links.

Putting an End to Phishing

Sebastian, Whag's founder, elucidated the inspiration behind the platform's inception. The recurring incidents of NFT collections being compromised and users falling prey to scams spurred the drive to devise a solution fostering trust and security in the Web3 realm.

“Is there a way that we can actually step in, build a product that makes a difference and make this into an ecosystem that is just generally more friendly? And if the answer is yes, we should do it. So we started thinking, okay, what are we going to build? Let’s build trust”.

Whag, an acronym for "where humans are going," offers a verified link solution, enabling users to generate secure links. The platform guarantees the authenticity of links and screens each URL against a blocklist to ward off malicious content. Moreover, each Whag link comes with a digital signature, adding an extra layer of trustworthiness. Upon clicking a Whag link, users encounter a Safe Stop interstitial, affirming the link's credibility before redirecting them to the intended URL. In a strategic move, Web3 Academy has allied with Whag to bolster their link security, shielding their community from phishing threats.

A Community-Centric Network

Delving deeper into the challenges of broad-based adoption of novel tools and technologies, Jay queried the group about striking a balance between a secure ecosystem and user convenience:

“There’s always this balance of creating a secure ecosystem and a secure user experience with convenience. And quite frankly, users generally favor convenience… How would you approach years of behavior, talking to somebody new? What would you be telling them in terms of this balance of convenience and security?”

Responding, Sebastian cited the recent updates Whag has implemented and made clear that they were all driven by the feedback the team had received from their early users. He emphasized that the methods of design at Whag revolve around the community, feedback, and iteration, and recommends that users who encounter friction reach out to the Whag team so improvements can be made.

The dialogue then pivoted to the imperative of promoting verified links as a potent countermeasure against phishing. Kyle accentuated the urgency for tools like Whag to streamline user experiences, fostering broader acceptance within the Web3 community.

Sebastian outlined Whag's strategy to surmount adoption hurdles. The platform's emphasis is on community engagement and sustained growth. Whag facilitates users in reporting dubious links, ensuring the blocklist remains current and fortifying overall security. Additionally, Whag is developing a Chrome Extension to restrict access to blacklisted URLs, positioning it as an essential tool for mainstream adoption. Whag also envisions direct integrations with platforms like Discord and Slack, offering instant link verification.

Verified Links: The Cybersecurity Tool of the Future

As the interview came to a close, Sebastian outlined an alarming statistic: phishing attacks occur every 11 seconds and cost consumers billions a year.  He pinpointed phishing’s status as the predominant method of cyber attack due to its straightforward nature and ease of implementation.  He championed Whag's link verification mechanism as a foundational safety net and advocated for its early adoption. Emphasizing the power of community engagement, he envisioned a robust network of authenticated links.

In conclusion, the podcast championed the embrace of link verification tools like Whag to thwart phishing attempts and cultivate a more secure Web3 ecosystem. The narrative underscored the pivotal role of community participation and judicious practices in safeguarding assets and fostering a rewarding experience in the dynamic Web3 domain.

To join the movement and help do your part in keeping the ecosystem safe and secure. be sure to check out the Whag landing page and sign up today!

Read the transcript here: