A lot of crypto owners fall prey to common crypto theft schemes, including phishing traps. How can the average crypto user identify and avoid these attacks to avoid potential money loss?
Know the source
Phishing emails are sometimes successful in trying to trick users into downloading programs, clicking on something they shouldn’t, or simply linking them to a page where they can enter personal information such as their seed information. phrase.
In July, hardware wallet Ledger reported a data breach which affected the personal information of many of its users, some of whom are still the target of phishing attacks. A number of users have reportedly received convincing emails asking them to download a new version of the Ledger software.
Users were able to identify the scammer by looking closely at the sender’s email address, ending in “legdersupport.io”, swapping the letters “G” and “D”. Emails arriving at unexpected moments stating that a user has already been a victim of a scam and requesting information – whether by phone, email or link – should always receive extra attention.
Authenticity of software updates
One of the first reported Electrum attacks – with nearly $ 1 million stolen – was the result of a user entering private information on a malicious website set up by a hacker. This scam involved a fake wallet update that downloaded malware onto victims’ devices. When they gained access to their wallets, the fake update transferred all of their money to an address that was checked by the scammers.
While the scam was relatively new two years ago, a simple Google search or email to the software wallet company today could confirm whether a hacker is targeting certain users.
Anti-phishing records often speak for themselves
Fake Google Chrome extensions have tricked many users to give away the credentials needed to access their wallets. In March, a rogue Ledger Live scam extension got away with an estimated 1.4 million XRP – more than $ 800,000 with the token’s recent rise up to $ 0.58.
However, legitimate companies have been working on ways to mitigate these attacks for users who rely on web browsers as part of managing their assets. In September, the privacy-based browser Brave announced that this would happen add anti-phishing solutions from cybersecurity company PhishFort.
Share with the crypto community
Should a user successfully identify and thwart a phishing attack, or be the unfortunate victim of it, one method of letting others avoid the same fate is to share their experience via Reddit, Twitter, a personal blog or even an email. mail to a crypto news publication.
Crypto users can sometimes find information about scammers’ tactics on high-profile websites, including Ledger and Trezor, but the pages are often buried deep in FAQ troubleshooting sections.
Spreading the word through social media – while not always trustworthy – has the potential to provide greater transparency and education to maximize the safety of everyone’s money.