This $36M SIM Swap Scam Will Remind You of Good Practices To Secure Your Bitcoin

By ssaurel | In Bitcoin We Trust | 3 Dec 2021

Once you understand the why of Bitcoin, you will want to get Bitcoin. Perhaps you were even looking to get Bitcoin before you understood its why. This is usually the path taken by most people who enter this new world full of promise for the future.

In any case, your options for obtaining Bitcoin are roughly fourfold:

  • Buy Bitcoin by exchanging your fiat currency (USD, Euro, ...).

  • Get Bitcoin as a reward for your work as a miner helping to secure the Bitcoin network.

  • Get paid for your work in BTC.

  • Sell goods you already own for BTC.

For the record, Changpeng Zhao, the founder of Binance who is nicknamed “CZ”, sold his apartment in 2014 for 1,500 BTC. He spent 100 to cover his needs in the following months and years, but he still has 1,400 of what the sale of his apartment had brought him.

An extremely lucrative operation since he managed to turn the $450K of his apartment at the time into more than $85 million at the time of writing. Of course, to do this, one had to have enough confidence in Bitcoin to remain a HODLer no matter what. That's the case with CZ, who has since earned much more as head of Binance.

So you can see that selling goods for BTC can be extremely interesting.

Most people leave their BTC on trading platforms by securing their account with a 2-FA method based on SMS

That being said, most people get Bitcoin by exchanging fiat currency for BTC right now. This will change in the future as the mass adoption of Bitcoin continues, but for now, that's the way it is. While Bitcoin ATMs are multiplying around the world, exchange platforms remain the most widely used by anyone who wants to buy Bitcoin.

Within the category of exchange platforms, you can even distinguish between centralized and decentralized ones. Again, it is one category that largely dominates, namely centralized exchange platforms like Coinbase, Kraken, Binance, or KuCoin.

If you've ever bought Bitcoin on these platforms, you've probably noticed that they offer two-factor authentication (2-FA) with a password, and by default, a code sent by SMS to your smartphone.

Many believe that this 2-FA method is secure enough. After all, you have your smartphone in your hand (or in your pocket) all the time. So you think you are safe. The story I'm about to tell you should help you better appreciate the risk you're facing.

A $36 million SIM Swap scam reminds us why this is a horrible idea in terms of security

In March 2020, police in Hamilton, Canada launched a joint investigation with the FBI and a branch of the U.S. Secret Service that specializes in electronic crimes to try to uncover a cryptocurrency scam. The victim had been the target of a SIM card scam or SIM Swap.

In this type of attack, scammers take control of their target's phone line by requesting a second SIM card from the target's carrier. To achieve this, the scammers use social engineering or phishing attacks to get as much information as possible about their targets. With this data, they can then request a new SIM card from the operator and receive, among other things, the codes used in two-factor authentication by SMS.

One American was reportedly robbed of approximately 46 million Canadian dollars in cryptocurrency, or more than $36 million. This is currently the largest cryptocurrency theft reported by a person, the Hamilton police explained in a statement on November 17, 2021. The joint investigation revealed that some of the stolen cryptocurrency was used to purchase a rare online username in a multiplayer video game. That transaction led investigators to the account holder, a young man living in Hamilton, Canada.

The scammer was arrested for theft of over $5,000 and possession of illegally obtained goods or proceeds. Hamilton police have made several cryptocurrency seizures, but so far have only been able to recover just over 7 million Canadian dollars. A far cry from the 46 million stolen. The suspect is expected to be brought to justice soon.

Use a 2-FA method based on a one-time password generation application for your BTC stored on trading platforms

This story shows you that when it comes to security, you can't trust your SIM card. So you have to choose a 2-FA method using a one-time password generation application like Google Authenticator. I don't understand why the exchanges don't impose this on their customers, most of whom are not aware of the risk involved with SMS-based 2-FA.

After having implemented the 2-FA via applications like Google Authenticator on the exchange platforms, the next step is to leave on these platforms only a minimum of what you own in BTC (ideally zero). Indeed, the best security is to take your Bitcoin out of these platforms and put it in cold storage, such as a hardware wallet.

By doing this, you will secure your wealth, and you will truly take control of your life. I repeat this frequently in what I write, but that's because I frequently see people left destitute after losing all or part of their BTC.

It would be a shame to miss out on the Bitcoin revolution because of negligence about your security. It's up to you to make sure that doesn't happen.
