Stay safe on Solana.
Learn how scams, wallet drains, phishing, malicious signatures, rug pulls, and protocol risks actually work — and the calm habits that turn them into non-events.
Featured topics
12 cornerstone guidesPhishing
Fake websites, DMs, and ads designed to trick you into entering a seed phrase or signing a malicious transaction.
ReadWallet Drains
Malicious transactions that move every valuable asset out of a wallet in a single signed click.
ReadRug Pulls
When a team launches a token or NFT, builds hype, and then removes liquidity or abandons the project — leaving holders with nothing.
ReadFake Airdrops
Unknown tokens that arrive in your wallet to bait you into visiting a phishing site that drains your real assets.
ReadWallet Safety Checklist
A practical, vendor-neutral checklist that covers 95% of real wallet risk on Solana — without being paranoid.
ReadMalicious signatures
On Solana, a single signed transaction can transfer assets, change ownership, or grant program authority. Most drains happen here.
ReadTelegram & Discord scams
Impersonated mods, fake support DMs, and 'verify your wallet' bots designed to push a malicious link or signature.
ReadHardware wallet safety
How to set up, update, and use a Solana hardware wallet without exposing your seed or enabling blind signing.
ReadToken scam checklist
A short, structured checklist of on-chain and off-chain signals to evaluate before buying any new Solana SPL token.
ReadNFT scam checklist
Quick on-chain and off-chain checks to filter most fake mints, copy collections, and impersonator listings on Solana.
ReadBridge risk
Bridges hold pooled assets and rely on external validators or signers. They are the single largest exploit vector in crypto history.
ReadRPC trust risk
Your wallet asks an RPC node what the chain looks like. A compromised or malicious RPC can show wrong balances, hide transactions, or return forged data.
ReadChecklist
Six habits that prevent the vast majority of losses.
None of these require special tools. They are simply the things careful Solana users do by default.
- Bookmark official URLs — never reach dapps via search ads or DMs.
- Read the simulated balance changes in every transaction prompt.
- Use a burner wallet for new mints, claims, and unknown sites.
- Keep savings on a hardware wallet, confirmed only on the device.
- Revoke unused token approvals on a quarterly cadence.
- Never type, share, or photograph your seed phrase — under any circumstance.
Most common user mistakes
Connecting savings to unknown dapps
One signature on a malicious site can move years of savings.
Storing the seed phrase digitally
Cloud notes, screenshots, and password managers are exposed by routine breaches.
Ignoring transaction prompts
Clicking through wallet warnings is how nearly every drain succeeds.
Reusing one wallet for everything
Without separation, a single mistake compromises every asset.
Related learning paths
Related glossary terms
Seed phrase
A sequence of words that can regenerate every key in a wallet.
Phishing
Tricking a user into revealing keys or signing a malicious transaction.
Signing Transactions
How wallets cryptographically authorize on-chain actions.
Hardware Wallets
Cold storage devices like Ledger that keep keys offline.
Educational only
Solana.college is an independent educational platform and is not affiliated with Solana Labs or the Solana Foundation. Content is for educational purposes only — not financial, investment, or legal advice. See our full disclaimer.