In January, operators of the ransomware LockBit exposed the data of BTC-Alpha users, and in February stole the database of the PayBito platform.
The CEO of the cryptocurrency exchange KuCoin Johnny Lyu explains what phishing is and how to avoid such attacks.
What phishing is
Phishing (phishing from English “fishing”) is a form of online fraud in which the attacker tries to obtain access to users’ confidential data through social engineering.
Most often extortionists send messages to users purporting to be brands or services, but they can also call on behalf of local banks.
Usually in emails there are links to clone sites where the user is prompted to enter a login, password, card number or CVV/CVC.
The main weapons of phishing are fear and greed. The scammers make incredibly lucrative offers or threaten loss of funds or account access. They create a sense of urgency, for example asking to urgently follow a link, enter a card number or wallet address.
Other signs of phishing:
- emails from colleagues and clients unrelated to your area of expertise;
- messages about winning money or a prize in a lottery;
- recipients in the ‘Cc’ field whom you do not know;
- tone of the letter that induces fear;
- requests to disclose personal data;
- unusual attachments;
- misleading links to a resource.
Phishing is still associated with “Nigerian letters”, but today the phenomenon has become widespread and has reached the cryptocurrency industry. This year hackers attacked users of platforms Treasure, OpenSea and Binance.
Countering the attacks
Be vigilant for anything that seems strange or unusual. Remember that banks, shops and trading platforms never request personal information, and crypto-exchange support staff do not write first.
If this happens, close the email or hang up, and then contact the company’s representative using the phone number listed on the official website.
Use strong passwords on sites and enable two-factor authentication (2FA) — via email, SMS, or Google Authenticator.
Always check the site’s SSL certificate: its presence confirms that the domain has passed validation by a certificate authority, and the data transmitted is encrypted.
If the site has a certificate, a padlock icon appears next to the address in the browser. You can click it to see who issued the certificate.
Add the addresses of frequently used platforms to bookmarks to be sure of their correctness when logging into your account.
Never click links in messages. If necessary, verify the URL’s correctness, including on buttons like “Confirm” or “Cancel payment”.
“In response to the rise in phishing attacks, KuCoin has introduced additional security checks. For example, when receiving an email or message, users can verify the correctness of contact information. To do this, paste it on the dedicated page Official Media Verification,” explains Johnny Lyu.
KuCoin users can verify the exchange’s site, phone number, authentication code, as well as WeChat, Twitter and Skype accounts.
In addition, KuCoin allows setting an anti-phishing phrase (Anti-phishing Safety Phrase) in the account’s security settings. The exchange will add it to emails and display it when you log in to the site.
The absence of the phrase means you have received a phishing email. In this case, you should close the page and not take any action on it.
Familiarize yourself with the platform’s security system in advance. The absence of 2FA or withdrawal confirmation is a red flag.
“KuCoin can boast cutting-edge security technologies. Our team constantly updates security systems to safeguard assets and users’ personal data. We use measures that prevent access by attackers to sensitive information, and eliminate the possibility of its leakage,” notes the exchange’s CEO.
Last but not least is ongoing education, so KuCoin regularly publishes articles on countering fraudsters in the company blog.
Dealing with the consequences
What should you do if an attack does occur? Johnny Lyu advises promptly contacting the service’s support to freeze the account.
After that, you should definitely change the password and security settings, for example by enabling additional confirmations of your actions on the platform.
Follow ForkLog on YouTube at YouTube!