PHISHING SCAMS: PROTECTING YOUR CRYPTO WALLET
Technically, the blockchain remains one of the most secure platforms for performing transactions as far as digitized systems are concerned. Its decentralized, distinct protocol of confirming peer to peer transactions is unmatched.
However, cryptocurrencies have been bedeviled with all sorts of scams since their introduction in 2009. No doubt, the phishing scam remains a persistent tool used by hackers to steal cryptocurrencies. On April 16, 2020, Google reported that it blocked more than 18 million malware and phishing emails related to the COVID-19 pandemic every day.
SO, WHAT EXACTLY IS PHISHING?
Phishing is a form of fraud that involves sending malicious links, attachments, documents through email, text messages, or some other social media. The links are usually designed to imitate legit organizations, businesses, or companies.
Take, for instance, I get an email from a company with an apple logo saying my iTunes subscription has a problem or my details are incorrect. Out of panic, I click the link and quickly provide my details. I just fell to a typical phishing scam.
In the blockchain technology context, a phishing scam usually involves a seemingly legitimate email asking users to provide their wallet keys/passwords. In some phishing scams, multiple computers are targeted at once, and they are used as hosts in illegal cryptocurrency mining schemes. A report published in 2018 revealed that phishing fraud accounted for 13% of the 9 million US dollars lost to cryptocurrency each day.
Typically, in typosquatting, a deliberately misspelled domain name is created to trick users into providing personal information. An example would be "cryptodaiily.co.uk" instead of "cryptodaily.co.uk" or "faceboook.com" instead of "facebook.com." Without even realizing they are on the wrong website, many users have fallen to this type of phishing fraud.
In 2018, European police(Europol) arrested six individuals involved in a 27 million US dollars typosquatting theft. They had mimicked the URL of a popular cryptocurrency exchange; they stole from users in more than twelve countries.
PREVENTING A PHISHING/TYPOSQUATTING FRAUD
Every day, cryptocurrency investors and wallet owners still fall to numerous forms of phishing attacks. Nevertheless, in many cases, these scams can be avoided altogether. Here are a few tips on protecting your cryptocurrency wallet.
- Never open links from unknown email addresses; worst-case scenario, ask the sender to clarify the contents of the link.
- Watch out for fake email signatures.
- Always double check any information from a subscription.
- Look out for the "padlock icon” on the left side of any URL you’re visiting; it asserts that your visit is encrypted and secure.
- Confirm your cryptocurrency exchange URL is right.
- Perform a quick google search to confirm/dismiss suspecting email contents.
- Never provide your personal details until your exchange gives the go-ahead.
- Use two-factor authentication.
- Be swift to look out for misspellings in any company website.
- Don’t be in a hurry to open or respond to your emails; take a second to verify the email address or come back to it if you’re busy.
- Be extra careful going through your spam folder.
Ultimately, human errors are inevitable; downloading an anti-phishing software to protect all your devices is much more helpful in against phishing attacks. Metacert’s anti-phishing software has gathered tons of malicious links, websites, and email fraud patterns; it is capable of approving and revoking access to secure and malicious links, respectively. The software is available as an extension on multiple devices.