Hackers Use Old Tricks to Gain Access to Cryptocurrency
High-level encryption protection is not as secure as you believe.
Are you into using cryptocurrency? It’s a digital cash system that has no centralized regulation and uses a unique system to track transactions with complete transparency. One of the benefits of cryptocurrency is it’s protected by a high level of encryption. However, it also gives many users a false sense of security in believing it’s not vulnerable to theft. Recently, the security team at dfndr lab found a 1.8% increase in fraud related to cryptocurrency. Learn what tactics cybercriminals are using and how you can avoid becoming a victim.
Innocent Emails, Not So Much
Email phishing is a common scam that hackers have used for years in order to gain access to sensitive information by hijacking your email account. The most common tactic is to send a spoofed message that looks official and attempts to trick you into clicking malware-infected links that compromises your password and allows the hackers a backdoor into your email. Often times, you are asked to click a link to cancel a suspicious transaction or to confirm a payment you sent. If a hacker can gain access to your email, they can then clean out your cryptocurrency account by resetting passwords or finding login credentials by searching through your inbox.
Google ads and other search engine networks have become a recent target of spoofing. These pages can direct you to bogus look-alike sites that attempt to trick you into entering sensitive information that thieves can use to gain access to your cryptocurrency accounts.
Hackers have also been known to use spoofed chat communication tools like Slack, WhatsApp, Skype, and Telegram. The scams work in much the same way and involve legitimate looking messages containing phishing links used to gain access to your data.
The same tactics can be used in SMS messages and messaging apps. In addition to using malware-infected links, hackers posing as employees might try to get you to text back or call in sensitive information for verification purposes. This is known as social engineering and uses simple deception to try to fool you.
There are several things you can do:
First, never click a link in an email, SMS or other apps. Instead, contact the company directly at a published number. Never give information to a representative that contacts you.
Second, protect your mobile device with antivirus software such as dfndr security. Activating the anti-hacking feature will alert you to phishing links before you click them.
Finally, you can check suspicious links here: https://www.psafe.com/dfndr-lab/.