Kucoin exchange got hacked over the weekend…well, that’s no longer a news! But fact is, hacks and scams in the crypto space is already a norm. In a previous post I commented on the difficulties in handling scams and hacks in the crypto space:
Cryptocurrency’s technology makes it hard to recover stolen funds and most scams go ‘untracked’. To be frank, cryptocurrency skeptics are right when they say that ‘cryptocurrencies facilitate scams’. In a truly decentralized and secured world which the blockchain technology makes tracking individual wealth very easy, however, accessing them is somewhere near impossible. This comes in handy most of the times as security of funds are assured. But this is not the case some other times.
Cryptocurrency scams ranges from the popular exchange and wallet hacks to cryptocurrency ponzi schemes, exchange scams and identity theft scams. In any of these, the perpetrators earn with a fortune, leaving their victims in huge losses of up to millions of dollars worth of cryptocurrency. Wallowing in pain, these victims seek means to recover their lost funds/token, but this is always a huge nut to crack; if that was anything near ‘easy’, victims of the famous bitfinex hack should have gotten their bitcoins back, but those assets are still ‘on the move’
Over $150,000,000 in cryptocurrencies moved from one of the most popular cryptocurrency exchanges and only few recoveries till date. The crypto space keeps getting even wilder and curbing these security breaches is almost becoming an impossibility. Unfortunately, this is the case in every electronic security.
Everything points to the fact the blockchain keeps you in charge, ‘you are your own bank’ and this means that you control every aspect of management of your funds, including its security. Once lost, recovery is very tedious. Prevention is thus the best approach. How do you stay as safe as possible?
The only way to stay Completely in the crypto space is to stay out of it…lol. That was a bit too extreme, but the fact, to be frank. Scammers are on the look-out for every possible means to access your crypto funds. This include malicious applications which monitors your device clipboards to get hold of private keys copied to your clipboard, ponzi schemes which utilizes personal greed to syphon cryptocurrencies from gullible investors, and extremely smart tricks to hack cold and hot wallets.
But here’s some tips to keep you ‘safer’.
Healthy Password and encryption habits
So, you just created a new account, or a new wallet; next up is a new password. Passwords are the commonest electronic security strategy. Your ability to create a sophisticated password and secure them safely is vital to your electronic security. Away from cryptocurrency, password habits are essential for every internet user.
Developing a strong password, keeping them safe and remembering them; each of these are tedious and sensitive processes. A couple of writings on security tips suggests the best practice in password development. Taking a look at these tips, developing abstract passwords is the safest way to do it. A password without reference to a common knowledge of you is unarguably harder to guess. Popular ways of developing passwords such as; a combination of your names, birth date and other notable dates, hobby e.t.c have simplified ‘hacks by guessing’ in many known cases. An abstract password makes guessing harder for the intruder.
To reduce the stress of remembering passwords, we tend to re-use one password for many profiles. This practice creates room for a greater danger. Just like the idiomatic ‘putting all your eggs in one basket’, using one password for multiple profiles further extends your vulnerability. When one is broken, others follow. A better practice would be creating a new password for every profile, but that would be a hard nut to crack right, you could easily forget them…I understand, but with a good storage practice, you can manage as many passwords as possible.
Storing your passwords over electronic media also keeps you at bay. Several reports of passwords stored in medium like emails, google drive and pastebin, getting stolen shows how frail these media could be. Offline storage keeps you safer. Get a book, write them down…now keep the book as safe as possible.
Get your crypto off exchanges!
Exchange hacks are unarguably most profitable for cryptocurrency scammers, incidence of exchange hacks leads to loss of huge amount of funds. Mt. Gox, Bitfinex, Binance and now Kucoin the list is actually inexhaustive.
‘Not your keys, not your wallet’, regardless of how ‘SAFU’ the exchange promises you that your funds are with them, your cold wallet which you (and only you) hold its private key is the safes place to store your cryptocurrencies. Blockchain technology assures fund security, but this is only when they are truly in your custody, and this is as long as you’re the (only) one with the knowledge of your wallet’s passcodes and private keys
The warning is continuous, but the recent exchange hack reveals most people are yet to take the advice or learn the lesson.
Enabling authentication for your profiles
Two-factor authentication add more strength to your security. The most popular google authentication connects your profile to the google authenticator and allows ownership verification through codes generated by the authentication application. SMS and email verification also make breaking into your accounts harder as an intruder will need to get hold of more security assets before successfully breaking into your account.
Unfortunately, most internet users don’t seem to realize the importance of enabling authentication services for their account. To stay safer, this is an important thing to do. Enable as many authentication services as possible (available) for your accounts.
Social approach to security
Sometimes you deserve the blames for your predicaments, because you caused it! Hackers are social engineers; most hacks are done by tips given up by the owners of the accounts. Keeping your security details safe is your obligation. Social hackers devise means to obtain these details or helpful hints about them (your details) from you.
If you are unable to keep secrets, then may be this space is not for you. Not just the crypto space, the internet as a whole. Develop the ability to withhold from disclosing any information about your security details. Very tiny hint is all a social hacker needs to progress in their attempts.
The internet is filled with phishing links, in the guise of website links, hackers are able to obtain details stored on your device through special links which breaks through your device permissions and gives away vital details stored on your device. To stay safer, always determine the authenticity of links presented to you. If looks fishy, then you are about to get Phished…lol. Keep safe, click safe links only.
In conclusion, strategies used to break into user accounts are ever evolving, everyday births a new way to get to break into ‘secured’ profiles, looking out for existing and emerging means of scamming investors, taking precautions to stay safe from them by applying advised security measures is the most effective way to protect your funds and stay safe in the internet