Recently, I looked into the issues of investing in crypto and understanding the dangers of various coins depending on the size of their blockchain.
As noted here, the need to control 51% of a currency’s ledger record means that the larger (and faster) a network, the harder it is to access the necessary nodes and keep track of updates. .
My conclusion (and I’m basically a noob) was that the coins themselves are difficult to hack, but what about individual holdings like software wallets or online accounts?
This is where the real digital danger lies.
In this article, I’ll outline the most common threats to your digital wallet.
Nothing new here
For the most part, cryptocurrencies are just another item of value, and like many other digital items, access to where the records are kept may be enough to thwart our individual (often inane) security measures. ).
Like your online banking account, if someone can access that account with your details and password, they could easily steal all of your money with a single click.
The methods used to do this are no different from how local crypto wallets (stored on a device) or remote exchange accounts can be compromised.
There are several approaches that thieves can take to gain access to your funds, from stealing your username or password to convincing you to send the funds yourself.
If you have a healthy interest in anything deceptive, these tactics will be quite familiar to you.
The fact that most digital currencies are unregulated creates a Wild West aspect that attracts online bandits and offers them a degree of impunity over other forms of theft.
As a result, the diversity of thought of this new generation of fraudsters can create remarkably complex or elegantly simple methods of taking your money.
How they find you
With any scam game, knowing what a potential target wants is the foundation on which most scams are built, but crooks must also target victims with treasure worth stealing.
Online profiling can build a catalog of viable crypto investors simply by browsing forums, video comments, and social media groups while collecting all the data available from these sources.
With your email address, phone number, and real name, scammers can attack people in a number of ways. Therefore, fostering a disposal identity that is difficult to connect to yours can be a good strategy to protect your true identity.
I don’t particularly like anonymous online interactions as they tend to encourage negative discussions, slurs, lies and bad behavior in general, but when it comes to not revealing yourself as a target for them thieves, an alter ego may not be such a bad idea in public discussions of financial matters.
I leave that to you, but please act responsibly.
An important factor is that there are a lot of new investors vulnerable to many forms of attack and crypto seems to attract a certain type of investor who tends to be overconfident in the face of much more sophisticated opponents.
Like a brand new chess player convinced he could stand up to a grandmaster when in fact he is almost certain to lose; whereas a smarter beginner might have the self-awareness to recognize when seated facing a higher opponent and expect the inevitable.
This is nothing new and poker players around the world have learned the hard lessons of pride only to benefit fully when the tables are reversed later in their playing careers!
How they get you
An exhaustive list or description of the methods can fill a book, so take these are just examples of how scams could catch you. You should always be aware that new variations are common.
You will, hopefully recognize all of these tactics among other types of scams, but it won’t help you if you don’t stay vigilant when trading online and accept that you can be dominated and armed if you fall into a well-hidden trap.
Traditional methods like phishing, where email or online communications trick people into accessing bogus sites and / or installing malware (openly or covertly) on their devices, remain effective.
No matter how hard we try, there will always be a link we shouldn’t have clicked or a page we shouldn’t have opened.
A key component to the success of phishing is timing and although billions of emails can be sent in the hope that a few will drop into a victim’s inbox right after talking to the bank or the emulated company; Crypto scams can make excellent use of data pulled from the sources mentioned earlier and be almost tailored to individual recipients.
One powerful tactic is to find subscribers to certain websites, channels, or individuals and then spoof those sources to make it look like you’re talking to someone you already trust.
Recently, several celebrities were hacked and their online identities used to advertise a cryptocurrency giveaway where any amount of crypto sent to them would be doubled and quickly returned.
Sure, it sounds like a scam, but the fact that it came from verified sources (apparently) gave it enough credibility and inherent trust in these famous accounts has tricked many people into sending their money stupidly.
2. Opportunities for infestation
Malware can come from many sources and now that the incentive to hunt and steal digital currency is high, don’t think that questionable emails or texts are the only ways to bypass your personal security measures.
Genuine software updates from large companies have embedded viruses at the source and it is only a matter of time before either of the two major operating systems has a disastrous event embedded in its own code. which could trigger before it could be recognized.
Hardware is also a very real danger, and anything you plug into your computer may contain something unexpected.
Personally, I am very careful with all USB sticks and hard drives to the point that I would rather use a single device just for financial reasons and protect it from all other unnecessary software or hardware.
I recently heard of a USB drive company sending tens of thousands of keys to corporate clients, each with a virus on board waiting to find the right terms for a digital heist.
It’s easy to get super paranoid, but a little paranoia is warranted with unwanted pests infesting seemingly legitimate products and suppliers.
3. Online Impostors
Unsurprisingly, fake websites have become more and more common to facilitate various types of crypto theft and these sites can run for hours, days, or months before recycling into a different form with a similar name.
Fake websites can be a complete copy of a recognized legitimate site, but with a modified URL to fool those who don’t check these things and keep clicking from emails.
Social engineering attacks often direct people to these bogus sites and encourage them to create accounts or enter details that might be useful elsewhere.
This type of attack uses human-to-human engagement (apparently) to gain trust or manipulate people into giving out sensitive information or taking actions that compromise their personal safety online.
You can check these sites out for yourself with services like Crunchbase, but if you don’t know what you’re doing or have reason to doubt, my advice is to stick with well-known exchange sites and always check. the URL you are using. .
Your best defense?
As Mr. Miyagi says, the best defense is “not to be there”.
I advise against anyone getting too deeply and too openly involved in a financial business without learning as much as possible about what is safe and what is not and always acknowledging that the less you know, the more vulnerable you are. .
Make sure your passwords are as strong as possible and be just as careful with password recovery methods which should be as strong as the password itself.
Think of it this way: if you have a 50-digit password with numbers, letters, and symbols but your password can be recovered by knowing your dog’s name or your dog’s maiden name. grandma, you are not as safe as you think.
By using two-factor authentication on all of your accounts, tracking all wallet or exchange activity, removing any remote access software that may be on your devices, and using advance phrase recovery to your accounts, you minimize the risk of being scammed.
And of course, make sure your antivirus software is up to date on any devices you use for financial purposes.
Such measures will make you a more difficult target, but if the hackers smell blood in the water and focus their efforts on one of us, it is only a matter of time before they do. manage to break through.
And if you are affected, immediately stop all activity, reset passwords, and report it immediately to your brokerage.
If possible, have a reliable and verifiable source for advice on how to navigate the cryptocurrency minefield.