ORM for Web 3 Communities: Protecting Your Reputation and Security

ORM, short for Online Reputation Management, is a common term in Web 2. However, it is relatively unheard of in Web 3.

In the world of Web 3, hackers are constantly seeking ways to exploit vulnerabilities and gain access to valuable crypto assets.

Malicious actors will go to great lengths to achieve their goals, from impersonating celebrities to generating fraudulent user content directed to phishing websites.

This is why Online Reputation Management (ORM) is critical for Web 3 communities. By proactively monitoring and managing your community's online reputation, you can safeguard your brand and protect your users from potential threats.

How does ORM work in Web 3?

Crypto is fundamentally community-driven, meaning it is user-generated content-driven. We rely heavily on online social cues and metrics from common users rather than influencers, as in the Web 2.0 world.

Why take it from me?

I work as a verifier for authentickator, a project born out of Menyala, a venture builder founded by Temasek. I provide expert opinions and analysis on the authenticity of NFT projects, having worked close to 20 projects ranking them on their use case, deliverables & roadmap.

During my time in web 2.0, I’m a digital asset acquisition strategist, specialising in growth hacking. I acquired over 100 domains, websites, and social media accounts through auctions, aftermarkets, and private dealings since 2014. My years of experience in due diligence have helped me develop a keen sense for vetting project authenticity and identifying potential shortcomings that will affect business valuation & security risks.

Example 1: Lacoste’s NFT project, UNDW3: The Emerge, used to not have an official twitter account for their NFT project.

This was my review with authentick regarding the project.

https://twitter.com/undw3_lacoste/status/1666444466880651265?embedable=true

They recently setup their official, verified twitter account after numerous scam attempts mentioned in their discord chat.

Example 2: Sushiswap’s acquisition of sushi.com

”SushiSwap’s online presence is notoriously scattered, including domains like “sushiswap.fi” and “sushiswapclassic.org” as mentioned in cointelegraph.

https://cointelegraph.com/news/with-rebrand-on-the-horizon-sushiswap-receives-sushi-com-domain-name-gift?embedable=true

After their acquisition of sushi.com, they are much less vulnerable to domain-name based attacks.

Examples of ORM Mistakes, Risks & Methods

There are several ways to improve online reputation management (ORM) to prevent breaches or malicious damage. Here are some problems and consequences for projects that don't put enough care into ORM, as well as the methods used to breach projects without proper ORM.

• Founder have limited social presence, opens up the project to impersonation: It is important for founders to have a strong social media presence to establish their identity and authority within the Web 3 community. This helps prevent bad actors from impersonating them and misleading the community. Additionally, a strong social media presence can help build trust and credibility with potential investors and partners.

• Scammers flooding hashtag with fraudulent news, when the project doesn’t use their cashtag often: This is a common tactic used by scammers to mislead the community and promote fraudulent projects. It is important for projects to regularly use their official cashtag and monitor social media channels for fraudulent activity. By doing so, they can quickly identify and address scams, protecting the community from potential losses.

• Inactive community, allowing vulnerability shillers to redirect community to other projects: An inactive community can leave a project vulnerable to shilling and redirecting tactics used by bad actors. It is important for projects to actively engage with their community, provide regular updates, and encourage participation. By doing so, they can build a strong community that is resistant to outside manipulation.

• Buying the cheapest domain name extension available, allowing bad actors to create clones using similar domain names, leading to a phishing site: This is a common tactic used by scammers to mislead users and steal their credentials or assets. It is important for projects to secure their brand name and domain names in all TLDs, and to monitor search engine results for any fraudulent activity. By doing so, they can quickly identify and address scams, protecting the community from potential losses.

• Outranking the official brand on Twitter/Instagram leading to a phishing website: This is another tactic used by scammers to mislead users and steal their credentials or assets. It is important for projects to regularly monitor their social media channels for fraudulent activity, and to take action against any accounts that are impersonating or misleading users. By doing so, they can protect the community from potential losses and maintain their reputation.

• Pretending to hire for personal information as a social engineering method to breach wallet: This is a common tactic used by scammers to gain access to personal information or assets. It is important for users to be cautious of unsolicited job offers or requests for personal information, and to verify the legitimacy of any requests before responding. By doing so, they can protect themselves from potential scams and maintain their security.

• Using a public facing email to signup for crypto wallet accounts, social media accounts & personal details & reusing passwords that has been leaked on public domain

Conclusion

In the world of Web 3, user-generated content (UGC) is crucial for crypto communities as they are fundamentally community-driven. As a result, having the right UGC Creators and guidelines for your project is essential to building a strong, damage-proof project.

Setting up gamified community incentives has always been a popular choice among NFT and crypto projects. However, relying solely on monetary rewards for community engagement is not a sustainable long-term strategy.

Online reputation management is not just about presenting the positive side of the project, but conveying the right message to your target audience and retaining them as loyal community members.

Building a proper Web 3 community requires a multifaceted approach that includes not only gamification, but also a strong focus on community trust and onboarding the right ambassadors to ensure the project's survival during bear markets.

After all, most progress is made during bear markets, not bull markets.