In case you somehow slept through all of 2017 AND 2018, you’ve probably heard the news by now that cryptocurrency and blockchain are providing an alternative to the bloated, unstable centralized banks controlling everybody’s money. And while the blockchain is constantly described with lofty words like “secure,” “immutable,” and “impenetrable,” there are now new threats lurking out there. Individual and big businesses lost nearly $1.1 billion in cryptocurrency during the first half of 2018, with the yearly total rising to nearly $1.8 billion.
A recent Reuters article revealed some interesting statistics on the theft of 2018:
- Cryptocurrencies stolen from exchanges and scammed from investors surged more than 400% in 2018
- $950 million was stolen from cryptocurrency exchanges and infrastructure services, a number up nearly 260% from 2017 (which was reported at $266 million)
- Korea and Japan are home to most of the thefts from exchanges in 2018 (nearly 58%)
- Theft wasn’t the only cause of lost money in 2018: $725 million in cryptocurrency was lost in exit scams like fraudulent ICOs, phony exchange hacks, and Ponzi schemes.
The most alarming part? VentureBeat reports that in Q1 of 2019 alone, crypto criminals and fraudsters have already stolen more than $1.2 billion. Theft in the crypto space seems to become more prevalent, not tapering off like many suspected would happen with the death of ICOs.
The truth is that everyone should be smart about their cryptocurrencies, as anyone can fall victim to a crypto-era pickpocket. After all, with government policy still lagging far behind the huge technological strides of the crypto-world, it’s a lawless land out there. There’s no marshall coming any time soon, so you’ve got to take your protection into your own hands.
So how can we protect ourselves moving forward? What are some of the top threats and how do we stop them? Here are the main crypto outlaws to look out for and how to best protect yourself:
Exchange and wallet woes
As mentioned above, $950 million of the nearly $1.8 billion in cryptocurrency stolen in 2018 was due to heists through exchanges and wallets. Exchanges can be extremely vulnerable, especially if they keep coins in hot storage (meaning, connected to a network) without serious multi-factor, multi-signature security. And once your crypto is stolen, there’s no getting it back. It might as well be carried off on horseback into the wastelands.
Brute force hacking is one method of attack in these cases, meaning trying every possible passcode or key until one works. All encrypted tech connected to any kind of network is somewhat vulnerable to this
How to protect yourself: When storing your coins in an online wallet, there are a variety of steps to talk to protect yourself and your money. The most important one that’s relevant to any wallet user: understand the security features available to you. Most online wallets will give users a detailed list of ways they can keep their account secure. When choosing a wallet, look for ones that requires PIN codes for withdrawal, utilizes private keys, provides backup and restore features, and uses two-factor authentication . The inability to both change a wallet address and withdraw large amounts of assets without verifying one’s identity is also important.
Cell Phone hacks and heists
Hot wallets like software wallets, even if they’re not through big exchanges, are also vulnerable via phone hacks. Crypto-thieves can gain access to your phone by calling your cell phone service provider pretending to be you, then changing all of your passwords, including to your wallets. It’s unnerving how easy it is for them to do this.
How to protect yourself: Call up your phone company and set up higher security procedures for account changes with your phone company. They should ask you security questions, or need multiple types of confirmation, before they agree to make any changes to your SIM card. It might make your life a bit more annoying if you have phone troubles, but it could save you big time.
Many of the recent attempts from sophisticated hackers in the cryptosphere have been made through social networking platforms, most commonly Telegram. The threat here is extensive, because nearly all well marketed crypto companies will have a Telegram channel to post company updates and stay connected within the community. In recent months there has been an increase in malicious activity on Telegram, and it has become increasingly difficult for users to protect themselves against hackers and scammers.
How to protect yourself?
Telegram is taking its own measures to protect users, including a recent app update to further security in its chat channels. But what can you do besides waiting for a platform to release a security update? Users should only subscribe to Telegram channels that are announcement-only channels, making it so that the group chat function is disabled. If users within a company’s channel cannot respond directly, it makes phishing and scam attacks less likely to occur.
Back in the day, people ventured West to strike it rich during the gold rush. The “Oregon Trail” as it was dubbed was filled with dubious characters would siphon off your discoveries or swindle you out of them. Times really haven’t changed that much!
Mining, the modern-day equivalent of joining the gold rush, is plagued with certain flaws. Malware functions like a tapeworm by robbing CPU power to mine coins for the hacker, using all of your computer’s “work” to produce crypto for themselves. This slows down your own speeds and can come along with some other very nasty viruses.
How to protect yourself: Trust me, normal antivirus won’t cut it. You need specialized crypto security protocols, so don’t under-prepare!
At the height of ICOs in 2017, the main method of theft was phishing, with over $115 million stolen by this tactic alone. Examples include people trying to disguise themselves as Twitter personalities (like the Telegram CEO) and offering “giveaways,” or posing as ICO heads and requesting payments, as was the case with the Seele ICO.
How to protect yourself: It’s a well-known phrase, but it’s accurate: If it looks too good to be true, it is. It’s unusual anyone would toss out free crypto like candy, and legitimate airdrops are always well documented and usually well known. Remain alert and be suspicious of requests that deviate from these plans. Most major crypto Twitter personalities specifically state in their bios that they don’t give away crypto - so pay attention. This is no frontier for the faint of heart or the gullible.
Some more advice to heed for the pioneers
People went West for a variety of reasons: promise of a better life, a sense of adventure, the beautiful vistas, and the chance to make a new name for themselves. Now, people turn to crypto for similar reasons, and the scene is vibrant, promising and lucrative for smart adopters.
There’s also risk involved, but crypto isn’t more dangerous than other currencies, people just have not figured out yet how to hold it responsibly. You wouldn’t leave your dollars laying around in public, and you wouldn’t let your bank hand out your cash to someone without ID, and you wouldn’t pay anyone for the promise of the magic beans they were selling...right? The precautions I’m suggesting are really the basics of looking out for yourself financially.
Unfortunately, many people are scared away by insecurities that are really caused by careless crypto holders. The more widely-adopted crypto becomes, the more legitimate services will pop up to help with secure crypto storage and protection. Someday, we might even see regulation and support from governments. Responsible crypto ownership lays the groundwork for mass adoption, which will come with massive benefits for crypto-holders and society.
So go west, young investor! And go informed. Good luck out there!
Alex Mashinsky, CEO of Celsius Network, has written an article that provides a step by step guide on how users can protect themselves in the “wild west” that is the crypto world. He details a variety of threats and then gives specific tips and tools on how to protect yourself against each one. There are also some suggested Giphys in line.