I have literally seen people scammed out of their family inheritance, their home and rent, or their next grocery shop through bitcoin.
There are ways to avoid this:
1) You can never ever be too careful about the "handle" or "screen name" you are talking too. Many platforms allow them to be aped easily. Including domain names. Sometimes it can be an additional character that isn't easy to spot. Other times it can be an "i" in place of an "l"
It really can be that simple to take everything you have
2) Generally speaking you aren't going to have an "@" or an "npub" offer you something that is too good to be true. Correct me if I am wrong nostr:npub1a2cww4kn9wqte4ry70vyfwqyqvpswksna27rtxd8vty6c74era8sdcw83a but you aren't likely asking people to send you bitcoin for no definable reason with a promise of return? You aren't soliciting your skills randomly. This should be obvious but it isn't. If anyone is contacted in a manner like this the first reaction should be to have them contact you directly. Ask for a phone call, or a video call, if it is that important. It will buy time to investigate the nature of the request.
3) No one. No one ever will ask for personal information. This one is huge. Very important. Don't volunteer this kind of thing. Not ever. Your fiat bank will never ask for this. They will ask security questions. But your bank will never ask you to send money to unlock money. I can't stress this enough. If anyone asks for your password, or your nsec, or your bitcoin keys, the answer is "no"