Hello great steemians, it is a once again time to engage in one of the homework task in steemit cryptoacademy. This time, I am writing on @gbenga's homework task for week 5: Make a Post about a Security problem with Cryptocurrency and Share a personal experience if possible..

Introduction

Security is an important feature in everything we do, starting from the food we eat to big corporations and organization. Without proper security, everything we have laboured and worked for can become nothing or lost just in a twinkle of an eye.
This is also the case with cryptocurrencies. So many are in fear of losing their wallets. The more so many utilizes crypto currencies, the more the security problems becomes. Despite major technological advancement in place to curb the spate of crypto theft and attacks, yet the venom gets bigger and bigger by the day.

Image source

I am going to discuss on one of the security challenges with cryptocurrencies. That is Account Takeover Attack .

What is Account Takeover Attacks (ATO)

An account takeover attack is identity-theft fraud whereby a malicious person takes full control of an individuals online account. As a result of this, the fraudster who gains access to the account can do anything which the owner of the account can do, like changing account settings, withdrawals and even deleting the account. This can lead to a wallet being drained of all cryptocurrencies stored there.

reference

This type of account hacking can be done in two ways:

1. The fraudsters use an accoumt-checker tool to test passwords and usernames which are obtainable from public sources or from data breach marketplaces on the dark web. They go for specific companies that have active online accounts which can easily be compromised and converted to cash.
   Once an account has been compromised, they will match the credentials on other online accounts owned by the victim, thereby getting more information regarding the victim. This definitely works for them, since most users tend to use the same details so many times.

2. The second is a targeted and focused attack on a specific organization or high networth individual. This is done either to target the individuals assets or be a leverage to a more broader organizational target. The login in credntials are gotten by using social engineering tactics to brute force to crack the codes to the account. Although this method is done slowly and more methodically, it usually blends with the owners requests and therefore difficult to detect.
   This method of Account Takeover also include sim-swapping, which targets victims phone numbers.

There are steps that can be taken to prevent this Account Takeover Fraud. They are

1. Use of google authenticator (2fa). This only allows one device access to the 2FA. Strong protection against sim-swap.
2. Good password management is also a key toward preventinf Account Takeover. By doing so, you can securely create and manage passwords even when you have multiple accounts.
3. Always double check our communication tools to avoid malware installations.
4. Create and use as many emails as possible in relation to Cryptocurrency accounts.

Reference

On a personal note, I have not had any experience of hacking my crypto account and do not ever wish to have such an experience. However, I have friends who have lost over $4000 worth of bitcoin in their bitcoin wallet due to fraud attack. I am now in a better position to educate them on how to secure their wallet the more thanks to this academy.

Conclusion

We are living in an era where online accounts and login credentials are the order of the day. Thus the need to seriously secure these. Anyone who has access to these, can easily get our contacts, resources etc.
Thus as individuals, we are the first line of defense in securing our accounts and valuables. When we do that and apply some of the suggestions outlined above, the risk of hacking our account are reduced to the barest minimum.

Thanks @gbenga for going through my writeup.

Cc: steemcurator01
Cc: steemcurator02