In this post, I will tell you about some of the most recent scamming techniques that I have come across. This would help raise awareness and prevent such scams from happening.
The Damage an Attacker Can Do:
When you get your crypto wallet hacked i.e. lose your private keys, you not only lose your hard-earned funds forever but also hurt the momentum in the crypto world in two different ways.
1- The Dump that happens in the Open Market: Usually when a hacker steals your funds, he would move these assets onto an exchange and dump them in the open market as quickly as he can.
Depending on the number of cryptocurrencies that are being dumped, this could lead to massive price swings. For example, if a hacker steals 4 Billion worth of Bitcoins and sells them instantly on the open market, he alone could cause a dip of 1%. Such massive sell orders would create panic in the crypto world leading to more users selling their Bitcoins.
2-The Bad taste it leaves behind: It is simply impossible for you to get your lost funds back in the crypto world. So, when a new user reads about a hack of this magnitude, he/she would be apprehensive about investing in cryptocurrencies.
Thus, we can also say that these hacks are acting as roadblocks for the mass adoption of cryptocurrencies.
Let us now have a look at some of the newest ways that attackers are using to steal your funds.
New Techniques Used by Scammers:
1- The Shipping Message: Since the holiday season is upon us many of us have turned towards e-commerce platforms for our Christmas and New Year shopping. This exactly what the hackers are using to steal your crypto funds from you!
Jchains on Twitter | src
A while back, I read a tweet wherein a popular podcaster who goes by the name JChains was a victim of this scam. The attacker sends out a text message to your mobile number impersonating a shipping delivery that you might be expecting.
On clicking on this link, your crypto account would be hacked and wiped clean. Since most of us are expecting packages from Amazon, we might also fall for this scam. So, never click on any link that you receive through text message or at least verify the sender details before opening it up.
2- The Classic Social Media Comment Section: On Youtube, whenever you comment on popular crypto vloggers, you would get a reply from an account that would have the same profile picture and similar name as the Youtuber. This is telling you that you won some kind of lottery and asking you to send some crypto to the specified address.
This same hack can also be seen as part of many ads that run on YouTube. While I currently don’t have any screenshots, I had come across an ad on Youtube which had Elon Musk asking people to send crypto to enter a lottery. Flash alert! Elon Musk or any public figure would never ask you to send money to an address ever!
Never send it to such addresses! Any crypto that you send is gone forever!
3- The Steemit Memo hacks: On steemit you would receive a bunch of transactions and some of them would also have a memo attached to them. Hackers on steemit would use this to send you links to their hacking page.
A recent steem hack that I came across
On opening such links your steemit account can also get hacked. Any liquid Steem that you have would then be sent out and dumped in the open market. What’s worse? The hackers would also try to use your good reputation to further spread out this scamming link.
This kind of attack is extremely popular here on Steemit and has been around for ages. So, always try and avoid clicking on suspicious links on Steemit.
Steps to Prevent such Hacks:
You will eventually come across some of these hacks shortly. With cryptocurrencies gaining momentum in this bull run, more and more hackers are going to resort to such petty techniques instead of earning crypto the right way.
Here are some of the steps that you can take to avoid being scammed in the future.
1-Don’t Click on any links in SMS/Email: I know it’s close to impossible for you not to open links that you get on your phone. If you get tracking details from Amazon, UPS, etc, open up the platform from where you booked your package and check for the tracking details there. For example, you can track the packages directly from the orders page on Amazon.
2- Never click on any links that you get in Steemit Memo: This warning is something that we already see while signing up on steemit. Please don’t click on any link that you receive. Also, there are a bunch of spam accounts that are being created these days. Avoid opening these links as well.
One of the best ways to avoid losing money here on steemit is to hold most of your Steem in the form of SteemPower. This would mean that the attacker cannot gain access to your Steem for at least another week.
3- Use hardware wallets: Hardware wallets are a safe haven for storing your cryptocurrencies. Even if you end up getting hacked, the private keys would never be accessible to the attackers. Thus, making it impossible for them to steal your funds.
A hardware wallet can be available for under $50 for Trezor and $59 from Ledger. So, invest a small amount in these wallets and live a risk-free life in the crypto world.
A New Wave of Phishing Messages:
In July of 2020 Ledger, a popular hardware wallet manufacturer’s database was breached by an attacker. This database contained the contact details of all of Ledger’s customers. While no seed phrase of funds was stolen in this breach, the loss of personal information is a big blow to the company.
Stolen Databse Leaked | src
While this breach was quickly addressed back in July, the hacker has now leaked the entire stolen database on a crypto forum. This means that the contact information of every single customer is now in the open.
So, this would mean that the number of phishing emails and text messages that you would receive if you had previously purchased a Ledger wallet would also increase drastically. So, please be very careful when you are providing information to an unknown site or person on call.
Final Thoughts:
We have reached a point where it is simply impossible to stop hackers single-handedly. The only solution to this problem is to spread awareness amongst fellow crypto users. Only when these new techniques are known by the majority of users would these scams stop from happening. So, please share all this information with anyone who uses cryptocurrencies. This would not only protect their funds but would also have a healthy impact on the market.
PS: No website or company would ask you to provide your hardware wallet’s seed phrase or the private key of your wallet.
CC:
@steemcurator01
@steemcurator02
@steemitblog
@rishabh99946
@sapwood
@neerajkr03
Very useful post, thank you for writing and sharing with everyone.
One query- What happens if your laptop/desktop hard drive crashes? Should we have a secondary backup process or weekly backup of hardware wallet?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
So, in the case of a hardware wallet, there is absolutely nothing on your laptop/computer hard drive. These are specialized devices that conceal your private keys within the device itself.
Even you won't have access to the private keys. The wallet itself signs the crypto transactions within the device itself and then broadcasts them. The only thing that you would need to keep safe is a 12/24 word seed phrase. This would need to be written down on paper and stored safely away from anyone.
This seed phrase is what you will be used to restore your wallet if the hardware wallet fails due to some kind of damage or theft.
I am planning on making a complete guide on some of the popular hardware wallets out there. So, I think I would be able to explain things more clearly over there.
PS: A hardware wallet is a safe haven for cryptocurrencies because you can use it on even hacked computers and your funds would still be safe and no hacker can gain access to it without the seed phrase that I mentioned earlier.
Thanks for stopping by. Steem on!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thank you for sharing more information. Very useful.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Very useful post. Resteemed.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thank you for your support!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit