You need to really pay attention to this. I am not joking. Recently a friend got phished via his TREZOR wallet! Yes! Simple. Click a link, goes to upgrade, asks for their keyphrase and bam, cloned device.
What is Phishing?
Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking, and credit card details, and passwords.
The information is then used to access important accounts and can result in identity theft and financial loss.
Cybercrime exists because it’s profitable. You might think the efforts of malicious actors are petty or trivial when you delete obvious scam emails from your inbox, but every so often, one of them works — and it makes money for the bad guys.
Speaking of money, if you know enough to recognize a phishing scam email. Cybercrime has wasted no time hatching schemes to take advantage of the new crypto trading infrastructure through email phishing campaigns.
If you or anyone you know is trading cryptocurrency, you need to be aware of these scams.
Similar to the way hackers attempt to compromise more traditional banks, crypto phishing attempts are often disguised as requests from valid banking operations for your personal login information. In the case of MyEtherWallet (MEW), the phishing email sent to users suggests that there’s been an unrelated security incident on MEW servers and the company needs your login info.
Like any good financial institution, MEW does not request this information via email and submitting it could put you at risk of compromising your wallet.
Mew is an access portal to the blockchain it holds NO details from you, so why would they email you?
2. PAY FEES ON MONEY WON
This is just a crypto-flavored remake of an old trick. This phishing scam contacts you to let you know you’ve won a large sum of money, but you’ve got to pay the taxes on it in order to receive payment.
It’s the same old bait-and-switch hackers have tried time and again. Don’t fall for it.
3. WALLET ATTACKS (ELECTRUM/TREZOR & LEDGER)
In this attack, the hackers have sent users of another crypto wallet notifications that they need to download a new version of the software. A look at the company’s official statement will reveal that in fact, the latest build of Electrum is 3.3.3, not the 4.0 build suggested in the attack.
Fall for it, and you download a malicious program that could put your money in the hands of criminals.
4. FAKE ICO SCHEMES
While not limited to just phishing campaigns, criminals will target you with offerings for coins that don’t exist. All you have to do is sign up using this new company’s proprietary wallet software, “fleecemypockets,” and send as much money as you’d like to invest.
Your purchase certificate will arrive in the mail after you pay the entry tax, which goes to the same email as the wallet software. Steer clear.
Another thing to consider is how EASY it is to make and clone a website. Anyone can do it and get money into a wallet from fake stuff.
5. SEXTORTION SCAMS
These are a relatively vanilla remake of the classic phishing scheme with a few new tweaks. You receive an email that makes mention of one of your existing passwords to show that the hacker has compromised your account. They then threaten you with the notion that they’ve acquired pictures or videos of you that are sexual in nature and could make them public if you don’t pay in crypto. Don’t fall for it.
I cannot stress enough how you need to be secure with your information and always double and triple check everything you receive.
Hope you all appreciate this, I feel it is suited to the beginner section. Scam awareness and phishing should be learnt as early as possible.