What Is Phishing In Crypto And How You Can Avoid It
Phishing attacks are on the rise, and they’re making it easier than ever for cybercriminals to steal your identity, your money, and even access your devices. FBI’s Internet Crime Complaint Centre records over twice as many incidents of phishing than any other type of computer crime. Of course, with the rise in popularity of cryptocurrencies, we are seeing more and more phishing attacks in the crypto industry as well.
To help you stay safe from phishing scams, we’ve put together this guide to what phishing is and how you can protect yourself against these dangerous cyberattacks.
What Is Phishing?
Phishing is a type of email scam where hackers will send out fake emails that appear to be legitimate messages sent by companies or organizations that you know. These emails usually contain attachments that contain malicious software (malware), links to malicious websites, or requests for personal information such as usernames and passwords.
Phishing attacks aren’t limited to just email — they can also take place on social media sites like Facebook or Twitter and messaging apps like WhatsApp or Telegram. For example, cryptocurrency scammers have been known to send out fake messages on Telegram or WhatsApp claiming that users have won free bitcoin or another cryptocurrency token — but all they have to do is click on an attachment in order for them to claim their “won” tokens.
How You Can Protect Yourself Against Phishing Attacks
The best way to protect yourself against phishing attacks is by being careful about what you click on and where you go online.
Here are some tips:
- Don’t open emails from people you don’t know personally or professionally; if possible, don’t open any unsolicited emails at all
- Be suspicious of any emails that ask for personal information or advice on how to proceed with an order; legitimate businesses will not ask for this kind of information via email
- Use caution when visiting websites that look like popular retailers’ sites (such as Amazon), but are not actually those companies’ sites; if in doubt, check the address bar at the top of your browser window to make sure you are on the actual site you wanted to visit. For example, a scammer might have created a replica site of Amazon and instead of amazon.com, it might be named amaz0n.com.
- If you visit a crypto website NEVER enter your seed phrase to “connect your wallet”. Web3 integrations will not ask for your seed phrase only to connect your wallet.
- If you get a private message on your Telegram account always double-check the username of the sender. Crypto scammers are known to replicate the name and avatar of your connections and will find an excuse to ask you for money.
- Never trust private messages from “admins” of groups you follow. Admins will never DM users to help them or ask for their seed phrase.
The first step to protecting yourself against phishing is recognizing that phishing attacks exist. Second, be assured that a legitimate company will not ask for personal information from its customers (i.e. seed phrases, passwords, credit card numbers, and so on). Remember: if you receive a private message or email that appears to be legitimate, but is asking you to “update” or give away your personal information such as seed phrase or password do not answer it! A genuine company will never ask for such information.
At Cyberscope, it’s our mission to protect retail investors and traders from scammers and fraudsters, so if you ever are in doubt about someone trying to scam you, feel free to send us a message!