This page is for information purposes only. Certain services and features may not be available in your jurisdiction.

How to protect your crypto from phishing attacks

As the fascination with blockchain technology and digital assets grows, so too does the threat of cyber attacks. Among these threats, phishing scams have become a considerable challenge for crypto natives.

These online traps use deceitful methods to catch people off guard and result in the loss of valuable digital assets. This article will explore cryptocurrency phishing in depth, revealing the tactics employed by cybercriminals and providing you with the knowledge to protect your crypto assets.

TL;DR

  • Phishing is a common threat in the crypto space, using the complexity of blockchain to execute scams like spear-phishing and DNS hijacking.

  • Spear phishing focuses on individuals, who receive tailored deceitful messages that seem to come from reliable sources with the goal of accessing their digital assets.

  • DNS hijacking is a deceptive tactic where legitimate websites are replaced with fraudulent ones to deceive users into disclosing their crypto login information.

  • Fake browser extensions imitate legitimate ones to steal login information, emphasizing the significance of only downloading from authorized sources.

  • You can remain safe from crypto phishing scams by staying informed, being skeptical, and prioritizing digital security measures. This includes using strong passwords and enabling two-factor authentication.

What is phishing?

The threat of phishing in cryptocurrency isn't a minor inconvenience, but a serious risk to your digital assets. Bad actors are constantly improving their tactics and taking advantage of the complex nature of blockchain and cryptocurrencies. They use a variety of sophisticated schemes to target individuals and companies.

One type of cyber attack called spear phishing involves fraudsters creating personalized messages to trick their target into disclosing confidential data or clicking on harmful links. These messages often appear from trusted sources, such as well-known companies or acquaintances, luring victims into compromising their online assets.

DNS hijacking is a malicious tactic where hackers gain control of valid websites and substitute them with fraudulent ones. This can trick unsuspecting individuals into inputting their login details on the fraudulent site, unknowingly giving away access to their cryptocurrency.

Fraudulent browser extensions pose an additional danger. Bad actors design extensions that imitate genuine ones to obtain login information. These bogus extensions can acquire your wallet's login credentials, resulting in financial loss. To reduce this threat, it's important to only obtain extensions from the developers' official website or other reliable sources.

Numerous fraudulent activities exist in the world of cryptocurrency, such as fraudulent ICOs, Ponzi schemes involving cryptocurrency, and advanced methods like cryptojacking, in which attackers discreetly use your computer for mining crypto.

To stay safe, it's essential to stay alert and follow recommended measures such as creating strong, individual passwords, activating two-factor authentication, and being wary of unexpected opportunities that seem too good to be true. Frequently updating your operating system and software can also protect against potential security threats from scammers. Meanwhile, taking the time to educate yourself on new threats and tactics can also help protect you to navigate the crypto space safely.

How do attackers execute phishing scams targeting crypto?

As technology advances, scammers are becoming more advanced and using various tactics to access your crypto. Let's examine these strategies.

Fake airdrop: the illusion of free tokens

Imagine receiving a small quantity of USDT from a mysterious origin or stumbling upon transactions in your records to addresses that appear uncannily similar to yours. These are typical indications of a fraudulent airdrop project. Fraudsters generate addresses that imitate authentic ones, deceiving you into unintentionally sending your assets to them. The key to protecting yourself? Double-check every character in the address before making a transaction.

Induced signature: the trap of deception

In this scenario, the attackers would create webpages that imitate well-known projects or promote attractive airdrops. When you link your wallet to the project, the scammers entice you to confirm transactions that unknowingly allow them to transfer your assets to their address or addresses.

The induced signature scam comes in many forms, ranging from straightforward transfers and deceptive authorization tactics to sneakier approaches. The more cunning approaches include the "eth_sign" phishing scam, where victims are tricked into signing a transaction or message using their private key, which is then compromised. The "eth_sign" name refers to the Ethereum function call that requests a user's signature to access data. Another sophisticated signature scam targets users of the EIP-2612 standard. Here, users are tricked into signing a seemingly legitimate permit that authorizes an apparently harmless action. Instead, the signature grants attackers access to the victim's tokens.

Website cloning

Scammers copy genuine cryptocurrency exchange or wallet service websites, producing almost identical copies to steal login details. When users enter their data into these duplicated sites, they unknowingly provide attackers with access to their genuine accounts. Before logging in, confirm the website's URL and check for secure HTTPS connections.

Email spoofing

One common tactic is to send emails pretending to be from trusted entities within the crypto community, like exchanges or wallet providers. These emails may include links to copied websites or demand confidential details. Be cautious of any emails requesting private keys or personal information.

Social media impersonation

Often, malicious individuals pretend to be famous figures, social media influencers, or even the legitimate profiles of popular cryptocurrency platforms. They may offer fake giveaways or airdrops in return for small deposits or personal details. Verifying the legitimacy of social media content and avoiding the disclosure of your private keys is crucial.

Smishing and vishing

Smishing and vishing are techniques scammers use to obtain personal information or convince people to take actions that compromise their security. These methods involve sending text messages or making phone calls that may prompt individuals to share sensitive information or visit harmful websites. Remember: reputable companies will never ask for confidential details through these communication channels.

Man-in-the-middle attacks

During these attacks, scammers disrupt the correspondence between the individual and an authorized service, typically on unsecured or public Wi-Fi networks. They can seize the information being sent, such as login information and confidential codes. It's recommended to use a VPN to protect your online connections.

Phishing scam example

Lets look at an example of a typical phishing scam. Here, the scammer uses the Telegram messaging app to trick a user into revealing their email address, leading to further manipulation via Telegram by someone impersonating an official from OKX.

How the scam works

The initial phishing message The scam typically begins on a P2P platform where the victim is approached by a scammer posing as a legitimate buyer or seller. The scammer requests the user's email address under the pretext of facilitating the transaction. Trusting the request, the user shares their email.

Phishing scam initial message
Be cautious of unsolicited messages received on platforms such as Telegram

Contact via email and Telegram Shortly after sharing their email, the user is contacted by the scammer who now uses the email to continue the conversation. The scammer suggests moving the conversation to Telegram, claiming it is more convenient. This shift to an offsite communication method is a significant red flag. On Telegram, the scammer impersonates an OKX official, adding a layer of credibility to their fraudulent claims.

Misleading verification marks On Telegram, the scammer’s profile may appear to be verified, complete with a blue tick. However, it's important to note that this blue tick can be a unique emoji used by the scammer to create an illusion of legitimacy. Users must understand that a blue tick on Telegram does not necessarily indicate an official or verified account. The scammer impersonates an OKX official by using an official OKX Telegram photo, name, or a fake verification badge.

The fake transfer proof The fake OKX official sends a screenshot to the user, claiming that the P2P buyer has already deposited fiat money into the OKX Wallet. These images are often doctored screenshots or fabricated payment receipts intended to add credibility, convincing the seller to send cryptocurrency to the buyer.

Phishing scam fake transfer proof
Scammers often use fake documents and doctored screenshots to create the illusion of legitimacy

Request for crypto deposit After presenting the fake proof of payment, the fake OKX official asks the victim to deposit cryptocurrency into their provided wallet address. Believing that the fiat transfer has been made, the victim sends their crypto, only to later realize that the fiat transfer was never real.

How to identify and prevent phishing attempts

To effectively spot phishing attempts related to crypto, it's essential to remain alert, doubtful, and well-informed. Read on for specific guidance on identifying the phishing attacks mentioned above.

Unexpected airdrops or deposits

Be cautious of unsolicited deposits or airdrops into your cryptocurrency wallet. These can often be a precursor to a phishing attack, designed to pique your interest and make you lower your guard.

By participating, you risk being directed to a harmful website or prompted to disclose private keys or personal details in exchange for supposed additional assets. This strategy takes advantage of the allure and desire for free money or tokens. However, legitimate airdrops from trustworthy projects typically include formal announcements and explicit guidelines shared through official sources.

Suspicious signature requests

It's essential to carefully consider any request for a digital signature, especially if it's unexpected or from an untrusted sender. Phishing attacks may deceive you by requesting your signature for seemingly harmless purposes.

This may unintentionally grant scammers entry to your funds or wallet. Confirm the request's origin and fully understand what you're authorizing before you commit. If uncertain, decline the request and consult experts or communities associated with the specific cryptocurrency.

Offers that seem too good to be true

Scammers use phishing techniques to entice individuals with tempting promises of big rewards and little to no risk. These schemes, giveaways, or lottery prizes could involve a request for a small amount of cryptocurrency or the disclosure of your private keys beforehand.

Reputable businesses and projects typically don't function in this way. Before taking any action, it's important to thoroughly investigate the proposal, seek out official statements, and confirm the contact information.

Protecting your assets: best practice

Whatever the threat, the following best-practice guidance can go a long way towards protecting your digital assets.

  • Examine the source: Verify the legitimacy of the email address, website URL, or messaging account. Be on the lookout for minor spelling errors or the use of subtle special characters intended to imitate legitimate sources.

  • Be cautious of urgency or pressure: Scammers frequently use urgency to manipulate victims into making hasty decisions without verifying information, leading them to fall for a scam.

  • Check for spelling and grammar errors: Legitimate companies and projects will most often guarantee that their communications are error-free, whereas phishing scams often contain mistakes.

  • Bookmarking: To avoid the trap of clicking on malicious links disguised as legitimate ones, bookmark trusted sites. This quick step makes sure you're always accessing the correct website.

  • Verify before clicking on links: Avoid clicking on links and instead hover over them to determine their destination. Use reliable sources and official websites to verify information rather than relying on links from unsolicited emails or messages.

  • Be cautious of verification marks: Understand that a blue tick on Telegram can be misleading and isn't a guarantee of the user’s authenticity. It could simply be an emoji used to deceive you.

  • Double check proof of payment: Never rely solely on screenshots or images as proof of payment. Verify the transaction through your own bank or crypto wallet. Always check that the money has been transferred to your desired payment method via official apps, and don't rely on any screenshots provided.

  • Use security features: To improve your defenses against phishing, apply security features such as two-factor authentication, hardware wallets, and strong passwords.

  • Multi-factor authentication (MFA): Enable MFA for all wallets and tools that offer this feature. This adds an additional layer of security, making sure that even if your password is compromised, unauthorized access is still prevented.

  • Use a trusted wallet: Your wallet choice is like picking a safe for your valuable items. Be sure to choose wallets with a reliable reputation and a secure history. Keep in mind that prioritizing convenience over security isn't a wise decision.

  • Cold storage: One option to protect large amounts of crypto is to use cold storage methods such as hardware wallets. These tools keep your private keys offline, protecting against online hacking methods.

  • Regular software updates: Keeping your software, including wallets, tools, and even your browser, up to date is key. Developers regularly release updates to patch security vulnerabilities. By staying updated, you minimize the risk of being exploited through known weaknesses.

  • Continuous learning: Phishing attacks are ever-evolving, with attackers constantly devising new techniques. It's wise to regularly educate yourself on the latest security threats and ways to defend against them. You can do so by following trusted sources of cybersecurity news and joining cryptocurrency communities to swap information with other users.

The final word

As blockchain technology continues to advance, bad actors are finding new ways to exploit or trick innocent users and gain access to their digital assets. Being aware of the different types of scams is the first step in protecting yourself. Meanwhile, exercising caution and skepticism, verifying the legitimacy of messages, and using security tools such as MFA can help you to enjoy the benefits of crypto while protecting yourself and your assets.

Remember that in the battle against phishing, knowledge isn't just power, it's protection. By taking the time to regularly familiarize yourself with new scam tactics as you also research new tokens, projects, and protocols, you're better placed to identify and avoid new scams.

Disclaimer
This content is provided for informational purposes only and may cover products that are not available in your region. It is not intended to provide (i) investment advice or an investment recommendation; (ii) an offer or solicitation to buy, sell, or hold digital assets, or (iii) financial, accounting, legal, or tax advice. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition. Please consult your legal/tax/investment professional for questions about your specific circumstances. Information (including market data and statistical information, if any) appearing in this post is for general information purposes only. While all reasonable care has been taken in preparing this data and graphs, no responsibility or liability is accepted for any errors of fact or omission expressed herein. Both OKX Web3 Wallet and OKX NFT Marketplace are subject to separate terms of service at www.okx.com.
© 2024 OKX. This article may be reproduced or distributed in its entirety, or excerpts of 100 words or less of this article may be used, provided such use is non-commercial. Any reproduction or distribution of the entire article must also prominently state: “This article is © 2024 OKX and is used with permission.” Permitted excerpts must cite to the name of the article and include attribution, for example “Article Name, [author name if applicable], © 2024 OKX.” No derivative works or other uses of this article are permitted.
Expand
Related articles
View more
View more