Ignorance is not Always Bliss — Don’t Let Cyber-Crime Fool You

It’s hardly breaking news when someone gets scammed, but it is heartbreaking. No matter in which environment you find yourself, there is a risk that malevolent individuals are lurking in the shadows, trying to get their hands on something that doesn’t belong to them. 99.73% of the year, nothing happens, but that one day when you were inattentive at the wrong moment will define that year for you. ‘Ah yes, 2023, the year someone nicked my wallet at the station…’ and you lower your head, remembering that tedious police report you had to fill in. It’s a shame that our brains are wired to remember negative experiences over all the positive ones we’ve added to our collection. Survival of the fittest relies on improving upon past failures, so in an evolutionary frame, it does make sense. You’ll just have to do that kayak tour to the waterfalls again, I suppose.

Within blockchain technology, and thus the financial sector and digital industry, it has become more than obvious that users must be vigilant at all times along the experience chain. Scams, unmotivated project leads, hackers, and opportunistic criminals are unfortunately still grazing through the field of novice investors and traders. Despite the transparency blockchain ledgers can provide, the anonymity within the decentralized realm of cryptocurrencies and the complexity of reading and understanding transaction flows certainly aids bad actors.

But blaming the technology would be short-sighted, considering scams, fraud, and crime (especially within finance) have been around pretty much since the invention of trade practices. Everything evolves, and therefore we must too. To succeed, we must understand and learn how to protect our belongings from being taken away from us. Just like you’ve learned that your bank will never call you and ask for the pin code of your bankcard to access account information, you can learn to navigate past most traps within the crypto industry.

Let’s dive into some important best practices to build a first layer of protection to stay safe within the blockchain industry. However, be aware, this will be a continuous and ever-growing learning experience to follow up on regularly. Fast-paced environments are fickle that way.

Best-Practice Security Measures

Keeping your holdings safe within your wallet is one of the most important lessons any blockchain user must learn right at the beginning of their journey. Never share your seed phrase, private keys, or passwords with anybody, not even the person you trust the most (it’s none of their business or responsibility to store them for you). You should also never store this data digitally, which is ironic considering the topic, but sometimes keeping things in the physical world is the better choice (like a good French wine or a forest walk). Therefore, write the crucial account information down on a piece of paper or in a notebook, for example, and store it in a safe location (ideally, fire and water damage-proof). Furthermore, to increase safety, it is always recommended to make use of hardware wallets (e.g., Ledger, Trezor, etc.) to store cryptocurrency keys offline. This is especially useful for long-term holdings that don’t move frequently. There are many wallet options to choose from, and you can easily get some initial insights about them in one of our previous articles. Hot wallets, in particular, can be tricky to choose, as there are many available, and not all have been around long enough to ensure strong enough basic security features to withstand attacks. It is important to choose reputable services because hot wallets are constantly connected to the worldwide web, making them prone to hacker attacks. Therefore, never share your public wallet address just anywhere, especially on social media platforms, as it can make you an easy target for cyber-criminals who are phishing for easy prey. If you really want to try your luck on a random giveaway challenge, try to use a wallet that is empty and not directly connected to your actual investments.

Nowadays, no matter where you are, login credentials are usually coupled with additional security features. Although SMS-based 2-Factor Authentication (2FA) codes are a good additional hurdle, they are subject to sim-swap scams in which the thief hijacks your SIM card to bypass the additional security. A much safer option, as the SEC recently found out, is app-based 2FA.

Furthermore, you can also choose to encrypt your devices and wallets used for cryptocurrencies, including all backup devices that might be used in the process. Although this can be a lengthy and time-consuming process, it’s never a bad idea to add as much security as possible. A less drastic step, but not unimportant, is to make sure your software is always up to date (e.g., your web browser, to name an easy one).

Scams, Schemes, and Trickery

Whether they target users through software vulnerabilities, blockchain types that can be more easily breached, or specific setups is almost irrelevant. Reports have shown that during the bull run year of 2021, an estimated $14 billion was stolen from blockchain users. No matter the security measures in place, a motivated individual out there will eventually find a way to gain unauthorized access and take what they want. It is your responsibility to know how to prevent known breaches and stay up to date to detect unfamiliar threats. Knowledge and experience help refine situational assessment skills. If it sounds too good to be true, it’s probably not true. However, going through this on your own can turn out to be an expensive learning experience, and therefore, we believe it is important to share experiences and insights to stay clear of criminal threats. We are a global community, after all, striving for personal goals with shared means to achieve success.

One of the best-known digital cybercrimes is called a Phishing Scam. In this practice, the attacker uses emails or websites to steal private user information, including wallet keys. This approach has been around since before the birth of web3 but sadly found its way into the crypto industry. Some key checks to prevent falling for this fraud include checking the sender’s email carefully and building a reflex that the subject matter may be suspicious. For example, anything offering something for free, a security alert, personal problem assistance, etc., would only ever be done in a public announcement with the request for you to reach out through known official channels. If a new channel is proposed within the announcement, you can be fairly certain you are facing a social media scam. It’s also referred to as the Impersonator Scam. This can happen when hackers take control of a social media platform, like Discord or Twitter, for example, and post an important announcement with a link through the hacked user account who has admin rights. Usually, they will tempt you with an airdrop or giveaway coupled with a link to register. Best practice: don’t click the link. If you hold a token that is eligible for an airdrop, the blockchain ledger already knows this, and you don’t need to register anyway. This type of scam plays on your trust, emotions, and desires and can be hard to resist, especially in a bull market scenario when many inexperienced traders enter the market. This is the moment when you, as an experienced token holder, must step up. Together we are strong.

Furthermore, projects sometimes (especially, but not exclusively, meme coins these days) resort to a type of theft referred to as a rug-pull. This is a practice where fraudsters inflate the value of a new venture or cryptocurrency and then disappear with the invested money, leaving investors with worthless assets. The anonymity of project leads is a key element for the successful disappearance. One of the most famous frauds of this type has to be OneCoin, which defrauded its investors of $4 billion in 2017. OneCoin was ironically also a Ponzi scheme, which in itself doesn’t have to end in a rug pull, but basically promises new investors high returns with minimal risk by attracting new money through investor connections. In practice, new money pays for old money, but eventually, this cannot be sustained, spirals out of control, and collapses. A non-crypto example would be the infamous Madoff case, which by the end of 2009 defrauded investors of roughly $65 billion. Within the blockchain industry, famous Pyramid schemes such as BitConnect or PlusToken caught media attention over the past decade, but there are certainly many more that can be uncovered. In terms of monetary value, they don’t come close to traditional finance, but they hurt those affected just as much.

It’s important to understand how a blockchain project operates. As an investor, the responsibility to research how a business functions, generates revenues, and so forth is crucial. Blockchain technology is transparent and open source, which means transactions and money flows can be traced. However, understanding what these flows mean is even more important. Financial freedom comes with more responsibilities than simply choosing which token to hold.

Concluding Thoughts on the Industry

Although it may seem daunting to many retail investors that there are so many potential risks to keep in mind within decentralized finance, it is important to realize that these same threats exist outside of this space too. We simply choose to ignore them, have learned from a young age what to do and what not to do, or have outsourced the responsibility (at a monthly admin fee with little interest as returns) to an institution.

The blockchain industry offers individuals the opportunity to participate in the finance game they couldn’t afford before. It comes with risks and jealous players who try to take the easy route. But with some effort to get the basics right, it can be a smooth journey after all.

You don’t have to read up on every scam out there if you just want to hold a few crypto tokens on your hardware wallet for a couple of years or even decades. All you need to do is stay aware enough of what is going on around you. Think of it as adding a new section to your morning news app.

Being aware is the first step to keeping your funds safe from crime. Then there is vigilance, logic, and rational thinking. We all have the capacity to exercise these skills, but sometimes we need to remind ourselves of that fact.

Last but not least, controlling our emotions and desires is crucial, especially in reaching our financial goals. Tempting offers can easily get the better of us, especially if something bad recently happened to us and a little extra cash would be so nice right now.

We invite you to join our Fish and Chips Discord community to stay updated on recent events in the crypto industry, discuss security questions you may have, debate projects, or share scams that you have come across so that others can protect themselves. Thank you for reading.