Social Engineering, Crypto and you.
Would you walk around with a sandwich board over you that said "I have $35,000 in my wallet in cash right now?"
Would you hang a sign on your door that said "I have a collection of valuable cameras in here and the key is hidden, solve this riddle to find it!"
Would you post on the Internet about how much Crypto you have, what wallets or exchanges you use, and share usernames and passwords across multiple sites including your email?
Chances are, a decent whack of you can unfortunately answer Yes to one of those questions (and I hope it's at least the third one)
I get it. We feel good. Good investments. Some people feel good with a few hundred bucks up, or a few thousand, and some are even luckier than that.
I have seen each of these people post about what crypto they have, how much they have, the wallets they use and where they go to exchange it
Unfortunately, a subset of those people also do not have a separate Crypto account name to other social media and it's only too easy to piece enough information together to social-engineer your way into someones account.
- Phone companies can and will give a sim card with your existing phone number to a new person who adequately pretends to be you. Phone companies do not realise that Sim-swaps are one of the biggest ways to get into accounts both Crypto and traditional.
- Try and isolate your crypto account. New email address not written anywhere online. Phone number not written anywhere online (like on Gumtree / eBay ads). New Username not given anywhere online.
- Your coins are secured on some exchanges, but utilise Whitelists to prevent unauthorized users transferring your coins to their wallets.
- Passwords for wallets or exchanges should not be left to a password-generation service. Use something memorable, not tied to your identity or common interests and not used for any other service. Write it down on paper but "code" it. For example, many wallets use a 20 word keyphrase. Only you may know that the first and last word are swapped over. This is something that's hard to forget, but makes the keyphrase useless to anyone who may stumble upon it even though all the words are there.
It's also no coincidence that the more I post here, the more Reddit Chat invitations I get with links to dubious websites, sometimes those invitations are behind an X-rated link which I think is designed to trick people whose blood rushes away from their brain immediately.
Be really safe guys. Whether you have $100 or $100,000 in Crypto. Don't let your hard-earned gains go to the scammers!