How to protect your crypto wallet from hacks and scams

0
Profile picture of Kadeem Clarke Hacker Noon

Kadeem Clarke

Head of laboratories @ Momentum 6 | Technology entrepreneur | Blockchain investor | Car enthusiast | Ask me about crypto and NFTs

Immutability is one of the characteristics that attracts people to blockchain technology. People who want to benefit from decentralization and unrestricted transfers are also drawn to cryptocurrencies. However, cases of crypto theft are also rife, and some have called cryptocurrencies “dangerous.”

Not so long ago, hackers stole $ 600million (£ 433million) worth of cryptocurrencies in what has been described as the biggest crypto theft in history. nowadays. In a statement sent by Poly Network, hackers exploited a smart contract vulnerability in their system and stole the money. This is not the only isolated case, as individuals have also recently reported crypto theft from their wallets. To better understand how crypto theft occurs, we need to analyze how public keys, private keys, and seed phrases work:

What you have, what to show, what to keep.

A cryptocurrency wallet is like a house.

picture

You have an address (the equivalent of a public key) that identifies your home. People can then send letters and postcards as long as they have your address.

A private key is equivalent to the key to your house. You will need this key to access what is in your house, letters and postcards received. Just like you protect your house key, you also need to keep your wallet private key safe.

The seed phrase represents your private key, but it is represented in a readable format. The start phrase is encrypted to make it easy for you to recover your digital assets as long as you remember the start phrase. The start line is the key to your house and everything in it.

picture

Scams that target your wallet

Since you understand how crypto wallets work, it’s time to point out the different types of scams that can cause you to lose your digital coins:

picture

Social media crooks

Social media has been both a blessing and hell for some people. Scammers often use social media to scam people out of their funds. A perfect example is a scammer who masqueraded as Elon Musk and promised to double every BTC sent to a certain BTC address. It turned out that the hacker had hacked into a verified Twitter account, changed the name to Elon Musk, and asked people to send money. Humans are wired to crave free stuff, and they ended up sending BTC in the hopes of getting double (just for a 2x, ngmi). And unfortunately, they lost.

picture

Key phishing

These scams use psychological manipulation to gain access to vital information relating to user accounts. Phishing scams in the crypto space are very common and attackers are interested in private keys. The method works just like standard scams. Usually an email is sent with a link that asks crypto users to add their private information, such as their private key. The crooks will then harvest the information and use it to empty crypto wallets. Blackmail is another social engineering scam that works. The hackers will claim that they have information about the adult sites that you have visited that you have to pay in Bitcoins, otherwise they will leak this data to your close contacts.

diagram the Ponzi

Fake websites with enticing rewards work like scammers on social media. These sites promise to double or even triple your money in a day, week or month. All you have to do is put your money on the line, and they’ll pay you a certain commission as a profit every day. A perfect example of such a program is when they promise to pay 1.5% profit every day. Some of these sites will also have a section where you are supposed to enter your private key before “claiming” the reward. This will leave your wallet exposed and your coins susceptible to being mined.

picture

How to protect yourself, before destroying yourself

To research

Humans are wired to desire free things. However, be sure to do your research thoroughly before “claiming” this amazing offer that you find on the internet. It is normal to call for airdrops. However, be sure to avoid sites that prompt you to enter your private key.

picture

Check the permissions granted

Connecting a wallet simply means pairing it with other apps. Connecting a wallet to an app or website does not allow hackers to steal your funds. Connecting your wallet to a website will not allow hackers to see your private key and steal your funds. Logging in just allows website owners to see your portfolio and it ends at this point.

picture

Revoke permissions

Concerns should arise when you allow a certain app or website to spend the coins in a wallet. Granting permission to an app or website means that your cryptos can be moved from the wallet without your involvement.

picture

Here is the process for revoking granted permissions:

You can revoke the permissions that you have granted to a protocol. There are many tools you can use, but one of the most reliable is https://app.unrekt.net/. However, there is a charge for each revocation and you can avoid the headache of fees and revocations by sending all of your coins to a new wallet.

picture

Burnin Shitcoins

You may come across a random token deposited in your wallet. 99% of these tokens are scams. Never approve such a token as some will ask for your private key to make the tokens “available”. In some cases, approving or moving the token will simply allow hackers to gain access to your private key.

Ignore these tokens or send them to a burn address such as 0x00000000dead.

At the end of the line

The security of your wallet is your responsibility. You should never divulge your private keys and seed phrases to anyone if you want your digital coins to be safe. Any application or website that prompts you to enter your private key should be ignored.

Also posted on: https://medium.com/momentum6/shadowy-super-hackers-want-your-stacks-what-to-watch-out-for-d5c6184a97c4

Keywords

Share.

About Author

Comments are closed.