Onionland has been described as a kind of online wild west. It's not a bad analogy. We all need to take ownership and responsibility for our own security. Here are a few tips:
Trust
First and most important point - do not place your trust in anything or anyone without good reason. I often get questions asking if some site is legit or some vendor. My advice is always to assume random links you find on the Hidden Wiki and other directories are scams until you have enough evidence to say otherwise.
Verified vendors here have at least proved they do have what they are advertising. Read through their feedback, make an informed decision and use escrow if you are at all unsure.
Escrow
On anonymous boards/markets, escrow is your only protection from scammers. I offer an in-house automated service, but any mutually trusted person can act as escrow.
Encryption
Any communication you send in cleartext can be intercepted and read. This includes Tormail, Torchat/ICQ and any private messages you send here or on other forums. This is particularly important if you're sending sensitive information such as a drop address. Take ownership of your own security.
The solution is to use open-source encryption technology.
For a basic tutorial, see https://p3lr4cdm3pv4plyj.onion.lu
Your Identity
Tor is an excellent tool for anonymity, with a few caveats.
•Adopt a Tor alias for all communications. You are not you in onionland. Never discuss anything that can personally identify you.
•Never visit any website that can personally identify you. It might sound obvious, but it only takes one time logging into your own facebook page/email/twitter account etc for you anonymity to disappear. Don't do it.
•If you use bitcoin client and instant messengers, use Tor for your anonymity and OTR for your security. For more detailed instructions see:
viewtopic.php?f=57&t=868
Forums
•Choose a complex password.
•Choose a unique password for every site.
•When posting internal links or external links to this site, be careful not to include you Session ID in the URL. For example:
https://nifgk5szbodg7qbo.onion.lu/viewtopic.php?f=6&t=32&sid=2a142fee61e8dbe08c65f0db0d2607ac - [Unsafe. Your account can be hijacked]
https://nifgk5szbodg7qbo.onion.lu/viewtopic.php?f=6&t=32 - [Safe]
Money
•We mostly use bitcoins here. They have a number of advantages over other digital currencies, for example: anonymity (see caveat below), decentralization, speed of transaction, irreversibility.
Caveat
Bitcoins are not anonymous by default, but can be made anonymous by using unique addresses, mixing services etc.