Cybersafetyconnections February 27th – March 1, 2022, Vol#56
For the end of February 2022 and the beginning of March 2022, I have this exciting article from Coinbase about how to keep your cryptocurrency safe.
- Account Take Over (ATO) is when someone takes over your account without your permission.
- SIM swap is when someone else takes over your SIM information and is a usual way to carry out ATO.
- How to keep crypto secure.
In the same way that the rate of adoption of cryptocurrency and digital assets is on the rise, cybercriminals are also working hard to steal these crypto/digital assets. It is not all bad news, according to Coinbase there are steps you can take to improve cybersafety and digital security.
Let’s begin with an explanation of ATO – Account Take Over.
Account Take Over – ATO
Account Take Over (ATO) happens when someone gains unauthorized access into your account to carry out unauthorized actions. ATO is usually carried out through SIM Swap. What happens in a SIM swap attack is that the bad actor will contact your wireless service provider posing as you and convince the customer service rep to transfer your SIM card information to another device possibly theirs.
If the bad actor is lucky in their social engineering move, then they can start receiving calls and text messages meant for your SIM as well as the two-factor authentication (2FA) sent via SMS. With this stolen information the bad actors will often try to match the SMS 2FA with stolen passwords to gain unauthorized access to your email account, social media profile, and Coinbase /exchange accounts.
Coinbase recommends that it is better to use 2FA rather than not using it at all.
Now to the 3 simple steps to take for cybersafety according to Coinbase.
How to keep crypto secure
- Password Manager
As a best practice passwords should have a minimum of 16 characters, be complex and exclusive. Generating and remembering such passwords may be difficult for you to do, which is why password managers like 1Password or Dashlane are used to generate and remember passwords.
Do you want to know if your password has been compromised in a third-party data breach? Check out this site haveibeenpwned.com/Passwords.
- 2- factor authentication-(2FA)
Along with strong passwords, use two-factor authentication if accessible and possibly the strongest type like Yubikey or a hardware security key that is close to it.
And if the service provider does not authorize Yubikey ;
- try authentication apps like Google Authenticator or Duo Security rather than 2FA that is SMS-based whenever practicable.
- If 2FA that is based on the use of SMS is the only option you have set up the authentication to require a one-time 2FA code to be sent to you every time you log in. This will prevent a bad actor who has stolen your password from gaining access.
- Continue to be clever
Besides taking steps/measures to prevent cyberattacks on crypto, you need to be on the lookout as well.
Avoid becoming prey
- Avoid boasting about your cryptocurrency and digital assets online.
- Find out about your online presence by taking this easy self-assessment.
Beware of schemes
- Hackers may pose as technical support, use social engineering to get personally-identifying information and gain unauthorized access to your Coinbase or other accounts.
- Coinbase informs that it does not request your passwords, 2FA codes, PIN numbers or request remote access to your computer. And that Microsoft, Google, and Apple will also not call you to ask you about your computer.
Watch for URL
- Bad actors may create websites that look like the real company website and use phishing emails with links to steal your information when you provide any of your login information on their website.
- You are advised to use a text editor to check out an emailed link to verify where the link is directing you to.
As Coinbase stated that it is making great efforts to ensure cyber safety, and we on our part need to understand that Cyber safety is the responsibility of all of us.
Subscribe to get the latest post.