Many crypto owners fall prey to common crypto theft schemes, including phishing traps. How does the average crypto user identify and avoid these attacks to prevent potential money loss?
Know the Source
Phishing emails are sometimes successful in their attempts to trick users into downloading programs, clicking on something they shouldn’t, or simply linking them to a page where they can enter personal information such as seed phrases.
In July, hardware wallet Ledger reported a data breach that affected the personal data of many of its users, some of whom continue to be targets of phishing attacks. A number of users have reportedly received convincing-looking emails asking them to download a new version of the Ledger software.
Users can identify fraudsters by looking at the sender’s email address, ending with “legdersupport.io,” with the letter “G” replaced with a “D”. Emails that arrive at an unexpected time stating that a user has been the victim of a scam and requesting information – whether by phone, email, or via a link – should always be subject to extra scrutiny.
Also Read: How to Know Coin Scam or Legit
Check the Software Update
In September, an Electrum user reported losing nearly $15 million in Bitcoin (BTC) apparently linked to a phishing scam that has been affecting software wallet users since 2018.
One of the first reported Electrum attacks – with nearly $1 million stolen – was the result of users entering personal data on a malicious website created by hackers. This scam involves fake software updates that download malware onto the victim’s device. When they access the wallet, the fake update transfers all their funds to an address controlled by the fraudster.
Although the scam was relatively new two years ago, today a simple Google search or email to a software wallet company can confirm whether hackers are targeting a specific user.
Be Careful In Choosing Extensions
Fake Google Chrome extensions have tricked many users into providing the necessary credentials to access their wallets. In March, the Ledger Live scam extension got away with an estimated 1.4 million XRP – over $800,000 with the token’s recent spike to $0.58.
However, the official company has made efforts to limit this attack to users who rely on web browsers as part of their asset management. In September, privacy-based browser Brave announced it would add an anti-phishing solution from cybersecurity firm PhishFort.
Sharing Experiences With Other Crypto Communities
If any user manages to identify and thwart a phishing attack or become an unfortunate victim, one method to let others avoid the same fate is to share their experiences via Reddit, Twitter, personal blogs, or even email to crypto news publications.
Crypto users can sometimes find information about scammer tactics on websites for high-profile targets including Ledger and Trezor, but those pages are often buried deep within the troubleshooting FAQ section.
Spreading the word through social media – while not always reliable – has the potential to provide greater transparency and education in maximizing the security of everyone’s funds.