Once a user identifies a phishing attempt, spreading the word online can assist in the security of everyone’s funds.
Many crypto owners fall prey to common crypto theft schemes, including phishing traps. How can the average crypto user identify and avoid these attacks to prevent the potential loss of funds?
Phishing emails are sometimes successful in their attempts to trick users into downloading programs, clicking on something they shouldn’t, or just linking them to a page where they can enter personal information like their seed phrase.
In July, hardware wallet Ledger reported a data breach that affected the personal data of many of its users, some of whom continue to be the target of phishing attacks. A number of users have reportedly received convincing-looking emails asking them to download a new version of the Ledger software.
Users were able to identify the con by looking closely at the sender’s email address, ending in “legdersupport.io,” with the “G” and “D” letters switched. Emails arriving at unexpected times stating a user has already been the victim of a scam and requesting information — whether it’s over the phone, email, or through a link — should always be given extra scrutiny.
In September, an Electrum user reported the loss of nearly $15 million in Bitcoin (BTC) that appeared to be connected to a phishing scam which has been affecting users of the software wallet since 2018.
One of the first reported Electrum attacks — with nearly $1 million stolen — was the result of a user entering private data on a malicious website set up by a hacker. This scam involved a fake wallet update that downloaded malware onto the victims’ devices. When they accessed their wallet, the phony update transferred the entirety of their funds to an address controlled by the scammers.
Though the scam was relatively new two years ago, today a simple Google search or email to the software wallet company could confirm whether a hacker is targeting certain users.
Fake Google Chrome extensions have tricked many users into giving away the credentials needed to access their wallets. In March, a fraudulent Ledger Live scam extension got away with an estimated 1.4 million XRP — more than $800,000 with the token’s recent surge to $0.58.
However, legitimate companies have been working on ways to limit these attacks for users who rely on web browsers as part of managing their assets. In September, privacy-based browser Brave announced it would be adding anti-phishing solutions from cybersecurity firm PhishFort.
Should any user successfully identify and thwart a phishing attack or be the unfortunate victim of one, one method of letting others avoid the same fate is to share their experience through Reddit, Twitter, a personal blog, or even an email to a crypto news publication.
Crypto users can sometimes find information on scammers’ tactics on websites for high-profile targets including Ledger and Trezor, but the pages are often buried deep within troubleshooting FAQ sections.
Spreading the word through social media — while not always reliable — has the potential to provide greater transparency and education in maximizing the security of everyone’s funds.
[…]
Learn more
The defunct cryptocurrency exchange Mt. Gox is making waves again, this time with huge Bitcoin…
Lightning Labs, a leading developer in Bitcoin's Lightning Network ecosystem, has launched a groundbreaking protocol…
According to onchain data, a significant whale holding over 92,500 ether moved the funds to…
🛸Inspired by the internet's favorite extraterrestrial, Skinny Bob MemeCoin is revolutionizing the cryptosphere across multiple…
NFTs, or non-fungible tokens, are transforming various industries, including art, music, sports, and real estate.…
Proton Technologies AG, the Swiss company renowned for its encrypted email and VPN services, has…
Leave a Comment