Coinbase, one of the most popular cryptocurrency exchange platforms, added about 1.9 mil users over the last two months. In the same period, blockchain.com, the leading online cryptocurrency wallet, saw about the same amount of growth.
The newcomers, especially those that are unaware of the risks and security holes in the complicated world of digital currencies, might become easy prey for hackers and cybercriminals.
One common way to target cryptocurrency investors is the phone-porting attack. Hackers snoop around social networks, looking for conversations related to cryptocurrency, in which investors post their contact information for easy contact. Then they call up the phone service provider in an attempt to trick the customer service manager into transferring the phone number to a device under their control.
Once the hackers gain control over the phone number, they can access the victim’s cryptocurrency exchange account by resetting the password, which allows them to steal digital currency from the account. Cody Brown, a virtual reality developer, lost around $8,000 worth of cryptocurrency on Coinbase in as little as 15 minutes, which was made possible by the phone-porting attack.
A phone number is not the only point of weakness that may be used by hackers. Cryptocurrency theft happens via viruses, computer hacks, phishing attacks and cryptocurrency Ponzi schemes.
As of today, there’s no perfect solution to the problem. In the digital age, hard drives and computers have become the new bank vaults. And our real-world knowledge of protecting money from theft doesn’t always help in the virtual world. The following suggestions can help new cryptocurrency investors keep their cryptosavings safe:
1. Before you open up an account on an online exchange platform, set up a new and unique email that will be used for that account.
2. Set a really complex and long password, and make sure you are the only one who has access to it.
3. Do not use SMS-based two-factor authentication and account recovery via email account. Instead, move to Google Authenticator while keeping SMS account recovery off to avoid a phone port attack.
4. On Coinbase, setup the Coinbase Vault and two-factor authentication for any transactions off-site.
5. Don’t mention your cryptocurrency investments publicly, especially on social media.
6. Call your phone provider, increase the level of security if you can, see if you can add a passcode to it.
7. Don’t trust online exchanges as much as you trust a bank, even if it takes security seriously and has system designs to protect users.
8. Don’t keep all your digital currency in one place. Diversify among exchange platforms you trust. It’s very unlikely you are going to get hacked at the same time through all of exchanges. Use different emails and passwords for each for extra protection.
9. Store your cryptocurrency offline, in a so-called “cold wallet.” It is not a brand, it’s a way of storing digital currency off the internet so that it reduces the opportunities for cybercriminals to steal it.
10. If you must use a centralized exchange like Coinbase, make sure to withdrawal often. Best place to store your tokens is a hardware wallet, which is a special device that normally looks like an USB stick. Hardware wallet creates transactions without connecting through the internet that are only accessible if you own the device.
Follow these easy steps, stay safe and the cryptospace will bring you nothing but joy!