Don’t fall for phishing scams, Stay Informed, Stay Secure

Fake Emails and Websites: Scammers create fake websites and emails that closely resemble legitimate exchanges, wallets, or services. They trick users into entering their credentials, which are then stolen. Be careful here as the return email address can be spoofed (faked). We have fallen for this ourselves. Ensure that email is from the original sender - and not only that, ensure that the original sender is the real company, a legitimate company and a reputable company.

Social Media Deception: Fraudsters often use social media platforms to pose as well-known figures or organizations in the crypto industry, promoting fake giveaways or investment opportunities. One scam that we are often encountering is the ‘winner winner chicken dinner’ scam. In this scam you are contacted after entering a competition by a social media account claiming to be acting on behalf of the competition. The prize is yours but you need to pay for shipping.

Malicious Links and Attachments: Clicking on links or downloading attachments from unknown sources can lead to malware installations that capture your keystrokes and access your private information.

Personal Info Request Emails: These are often referred to as phishing emails, Google has become much better at identifying these, and it seems that these phishing messages are more often raised through social media.

Unreasonable Urgency: A hallmark of phishing is the sense of urgency that is applied to providing information, things like credit cards, email addresses and potential identity theft all require that you provide information without processing if it is a legitimate requirement.

Unsolicited Communications: Be wary of unexpected messages asking for personal information or urgent action. A sense of urgency is almost always involved, the scammer does not want you to see the inconsistencies like a spelling error in an email address.

Suspicious URLs: Double-check URLs for subtle misspellings or unusual domain names, Phishing attacks often involve a branded subdomain so that email communications seem real but are in fact fake.

Unverified Sources: Only interact with verified accounts and official communications from trusted crypto entities. I have received phone calls from a credit card company claiming that I had been hacked, and they required that I provide information about financial accounts in order to protect me - when in reality they were the scammers.

Beware of the differences between your average phishing attack and a spear phishing attack: The main difference is that a phishing attack scam email is not targeted, however spear phishing campaigns are very targeted and aim to extract your personal information, they may ask to clarify your social security number but may in the process provide known information harvested from public online accounts, or possibly from other hacked businesses.

Verify Authenticity: Always verify the authenticity of websites and emails before entering any personal information.

Use Two-Factor Authentication: Enable two-factor authentication (2FA) on all your accounts to add an extra layer of security. Don’t be the victim - force additional loads of compute requirements on the scammers behalf.

Educate Yourself: Stay updated on the latest phishing tactics and scams targeting the crypto community.

Do Not Click: Avoid clicking on any links or downloading attachments from suspicious emails or messages. Never follow a link to login - go directly to the business and login via the trusted path. Use strong passwords as login credentials and educate yourself about these phishing schemes.

Report It: Report the phishing attempt to the legitimate organization being impersonated and relevant authorities.

Update Security: Talk to a professional security consultant before following this recommendation. Discuss changing or strengthening your passwords and reviewing your account security settings immediately.