Best Binary Broker!
Perfect for beginners!
Free Demo Account! Free Trading Education!
Only for experienced traders!
Cryptocurrency Phishing Attacks: Be Cautious!
Ever since the very beginning of the internet, there has been a type of malicious activity almost immune to technological progress in cyber-security, social engineering. Nowadays, the target of these practices can be anyone, including you and your coins.
The type of attacks known as phishing relies on the fallibility of human judgment and perception. Phishing, the most widespread form of attack, is used to extract sensitive data such as credit card numbers, social security numbers, passwords, and other confidential information from unaware users online by letting them submit this information directly to the attacker.
Trust your device
Your internet browser and software wallet are often prone to malware, viruses or various types of attacks. If you have the Trezor wallet, however, you are offline i.e. being isolated from the malicious attempts.
The fundamental purpose of safe hardware wallets such as Trezor or Ledger is to keep your recovery seed isolated. Nevertheless, you should always thoroughly check your device for confirmation of all features, especially when interacting with Trezor. Your PC should never require the use of your seed unless you want to recover the wallet (for example, after losing the device).
More, should you ever need to use the recovery seed to access your accounts, the device will always instruct you to enter the words in a shuffled order. We recommend entering the words of your seed directly on the hardware wallet instead of on PC. This will help you maximize the safety of your transactions.
The impersonation technique is one of the fastest to execute and technologically simplest to implement. The attacker usually impersonates a customer services agent or sales rep of the manufacturer of the wallet and tries to lure sensitive information from an unaware user using e-mails, phone communication or a spoofed website.
Remember, Trezor (SatoshiLabs) representatives will never ever ask for your recovery seed (in any form) or a credit card number.
If you ever have a problem with your device or would like to ask a question about Trezor-related issues, the only safe way of contacting Satoshi Labs is by sending a support ticket to their Support center. Alternatively, you can write your comments here on our website. We will do our best to answer all your questions.
SatoshiLabs do not provide phone call or live technical support. Therefore, never call numbers that claim to be associated with Trezor’s support team.
Many phishing techniques aim to bring you to a fraudulent site where all information can be collected and controlled by the attacker. Similarly to the impersonation techniques, these techniques are designed to rob you of your private keys.
DNS Spoofing (“DNS poisoning”)
is an attacking technique which takes advantage of the way DNS works to navigate the visitor in a wrong direction, making the site appear to be offline or even redirecting users to a server controlled by the attacker. On the other hand, BGP hijacking is a technique in which the hacker takes control of a group of IP prefixes assigned to a potential victim. Both methods can be identified by an invalid SSL certificate, however, users tend to overlook the warning, leading them to the malicious site. It is, therefore, crucial to carefully watch all signs, especially when working with sensitive things such as cryptocurrencies.
Unicode domain phishing
Another potential type of attack unicode domain phishing attack, also known as IDN homograph attack, relies on the fact that the affected browsers show Unicode characters used in domain names as standard characters, making them impossible to distinguish from domains that are legitimate.
While your browser may show the address as www.bitfinex.com the legitimate domain may be slightly different e.g. www.bítfínex.com.
If an attacker registers a domain that is visually indistinguishable from a legitimate one, he or she can trick users into trusting the site.
Another well-known technique is distributing SPAM e-mails aimed at luring from users name and password of any crypto exchange or their e-mail account/s.
This is what a fraudulent e-mail may look like
The above screenshot depicts the photo of an e-mail which was sent to a crypto trader who then passed it onto Facebook as a means of warning for the rest of the users
Notice that the sender’s e-mail address is [email protected], while the official website of Poloniex is poloniex.com. (Notice that the end segment of the sender’s e-mail address should have been @poloniex.com!)
Cyber-squatting or domain squatting refers to illegal domain name registration or use. While the forms differ, the goal remains the same: to steal or misspell a domain name. Cyber-squatting can also include “advertisers” who mimic domain names that are similar to famous, busy websites.
A few recommendations to protect yourself against becoming a victim of a phishing attack:
- Trust your device. Look for confirmationon the screen, especially when it involves transactions or your recovery seed
- Make sure the URL is exactly: https://wallet.trezor.ioor https://beta-wallet.trezor.io.
- Save the https://wallet.trezor.io as a bookmark to avoid misspelling it in the address bar of your browser
- Although the green lock on your browser (on the left-hand side from the address) may not be a guarantee of the authenticity of the website, be alarmed if it is missing
- Never give your recovery seed to anyone (including Trezor’s technical support, CEO or anyone else).
- Carefully observe the website addresses and watch out for any mistakes in the spelling or atypical characters.
- Use updated security software, install security patches and updates once available
- Avoid clicking on links in an e-mail or social media unless you are absolutely sure that these are authentic
- Pay close attention to shortened or incomplete links, especially on social media
- Remember, the representatives of SatoshiLabs (manufacturer of Trezor) or Ledger will never contact you on Facebook or by e-mail to give them any data
More about the author J. Pro
Unlike Stephen (the other author) I have been thinking mainly about online business lately. I wasn’t very successfull with dropshipping on Amazon and other ways of making money online, and I’d only earn a few hundreds of dollars in years. But then binary options caught my attention with it’s simplicity. Now I’m glad it did because it really is worth it. More posts by this author
Lookout for These 11 Cryptocurrency Scams
As the market shares of Bitcoin take us on a rollercoaster ride, e-wallets, cryptoexchanges, and other cryptocurrencies are popping up. New “crypto” apps offer mining services, exchange services, and even banking services. How will you navigate the potential security pitfalls of cryptocurrency scams?
In a previous post, we discussed the Bitcoin security best practices and other basics. Today, we will examine some of the various ways bad actors are skimming the coffers of cryptocurrencies and what you as a consumer can do to avoid them.
Cryptocurrency Hack Attacks:
With the era of social media and online news, fake news pushers have it easier than ever to create and spread online cryptocurrency scams by capitalizing on the gold rush. They simply mimic mainstream media web pages with catchy links, “Click here to earn one Bitcoin a day!” which bait users to enter their personal data and credit card information. Always remember, Think before you click! If it sounds too good to be true, then it usually is.
Another popular cryptocurrency scam is specialized phishing lures to penetrate cryptocurrency storage systems, such as mobile wallet apps, online exchanges, or trading apps. For example, Fortinet identified a phishing attack that invited investors to increase their gains by utilizing a trading bot application. The phishing email claimed that this app, Gunbot, automatically traded Bitcoins within set parameters to secure profits for investors. Recipients were encouraged to download the new trading bot, Gunbot attachment, but in actuality, it contained an executable that delivers Orcus Remote Access Terminal (RAT) malware.
RATs allow your computer or device to be controlled remotely. From there, it takes just a few keystrokes for the attacker to gain admin rights, which in turn gives him/her access to account and password information that may be stored in the far reaches of your device’s memory. The attacker may even strike gold if you have any Bitcoins or other cryptocurrencies that are stored on the hard drive.
Mining cryptocurrencies takes a lot of resources and computational power. In fact, electricity is the number one operational cost to a Bitcoin miner. For that reason, nefarious hackers have resorted to “borrowing” resources by spreading Bitcoin-mining malware. Many of the current malware botnets are created to mine Bitcoins, whether they’re injected into computers, smart phones, or IoT gadgets. Although their intent isn’t malicious, it’s still unauthorized use of someone else’s property, and it costs the victim money and slows down the hijacked devices. If your battery is dying faster than usual or your device is running slower than normal, then you should scan your system with updated antivirus/anti-malware software.
Crypto-currencies often store their value in file stores known as e-wallets. Wallets can be compromised, manipulated, stolen, and transferred, just like any other data stored on a computer. Kaspersky Lab recently detected a new attack strain called CryptoShuffler. The technique uses simple copy-and-paste tactics to steal valuable Bitcoins from unsuspecting users, straight out of their wallets. Most experts recommend keeping your value in an offline wallet that can’t be accessed by malware or hackers.
Bad actors create fake e-wallets to take advantage of people new to Bitcoin and other digital currencies as they are less likely to recognize fake apps. Lookout recently discovered three fake Bitcoin wallet Android apps in the Google Play Store that trick people into sending cybercriminals Bitcoins. Some of the apps had thousands of downloads. Fortunately, Google has since pulled them from the store. But more crop up every day as the craze for cryptocurrencies hungers on.
Crypto-currency trojans monitor your computer waiting for what looks like the format of a crypto-currency account number. When it spots one, it “awakens” and replaces the intended account you are transferring value to with their account number. Unless you are aware of the switch, it will be game over if you hit the Send button.
Inherent Programming Weaknesses
Like any crypto implementation, the cryptologic algorithm is almost always far more sound than the program that implements it. In general, blockchaining can suffer from a programming bug or lack of good private key security (or Bitcoin wallets) which will it turn compromise the whole system. So, before you use a cryptocurrency or get involved in a blockchain project, make sure the software programmers are applying secure development lifecycle (SDL) processes to minimize bugs. And, protect your private crypto keys as you would the key to your house, or better yet, your safe.
Known Plaintext Crib Attacks
Good crypto makes the resulting cryptotext look like random gibberish. Theoretically, a crypto-attacker should not be able to figure out what the original plaintext looked like. With any blockchain technology, however, the format of the blocks is not a secret and can be easy to figure out. Certain letters, characters, or numbers are always in the same places in every block. This allows crypto-attackers to “crib” a partial representation of the plaintext in every crypto protected block. Plus, every block is a function of the previous block. This weakens the overall protection of the underlying encryption cipher. If the cipher isn’t weak, it isn’t a huge problem, but it does give attackers a starting edge.
Many security experts wonder if SHA-256, which contains the same mathematical weaknesses as its shorter, very much related SHA-1 precedent, is a concern for Bitcoin and blockchain (both usually use SHA-256). The answer is not right now. SHA-256 is strong enough for the foreseeable future. More importantly, since most of the world’s financial transactions and HTTPS transactions are protected by SHA-256, when someone breaks it, we’ll have far bigger things to worry about than just Bitcoin and blockchains. “Although if you’re planning to make a cryptocurrency or blockchain, start planning for “crypto-agility,” which is the ability to replace ciphers and keep the underlying program,” suggests Roger A. Grimes, from CSO.
Sites Get Hacked
Some of the bigger hacks are ascribed to unscrupulous operators who run away with millions in ill-gotten gains. Other common hacking threads surrounding Bitcoin is how often the centralized website controlling the cyber currency gets hacked. One such example is Youbit, a South Korean Bitcoin exchange that had to file for bankruptcy after criminals stole almost one-fifth of its clients’ holdings in the second major cyberattack on its systems this year.
DDoS attacks against major cyptocurrency exchanges or vaults like Mt. Gox or more recently, Coincheck, can take down whole cryptocurrency systems resulting in either stolen funds or corrupted files that are rendered worthless. Make sure to back up your value into an offline location because an FDIC bail out is not likely to happen. Moreover, always do business with a cryptocurrency website that is well secured and trustworthy.
Researchers have been warning for years about critical issues with the Signaling System 7 (SS7) that could allow hackers to listen in private phone calls and read text messages on a potentially vast scale, despite the most advanced encryption used by cellular networks.
Avoid using two-factor authentication (2-FA) via SMS texts for receiving OTP codes. Instead, rely on cryptographically-based security keys as a second authentication factor, for example Google Auth.
Whether you decide to join the craze or sit back and watch the rollercoaster’s dips and turns, here are a few cyber security tips that will be wise to follow:
- Research before investing to make sure your cryptocurrency website is well secured and trustworthy.
- Do not trust Twitter or other social media for investment advice since fake news is a pitfall.
- Think before you click! Do not fall for phishing scams or ads laced with malicious links.
- Report phishing scams, and don’t share or forward the lure to others.
- Closely monitor your cryptocurrency wallets, credit card accounts, and banking accounts.
- Be wary of social engineering attempts to steal your credentials.
- Routinely scan your computers, laptops, mobile phones, and other devices using updated and patched antivirus/anti-malware software.
- Avoid using two-factor authentication via SMStexts, rather use Google Auth.
Practicing routine cyber hygiene will help you avoid the hidden traps lying wait on the web.
Follow the Money – Phishing Schemes Go After Cryptocurrency
While cryptocurrencies like Bitcoin and Monero were once used largely in underground criminal markets because of the anonymity associated with financial transactions, the user base for these currencies and the underlying blockchain technology is growing rapidly. Retailers, online gaming platforms, and more now accept Bitcoin, while major technology players with interests in transactional systems and databases are investing heavily in blockchain. At the same time, the appeal for cybercriminals remains strong, with most ransomware actors requiring payment in Bitcoin and underground markets continuing to operate with a variety of cryptocurrencies.
The mainstreaming of Bitcoin in particular, along with built-in mechanisms for ensuring a reasonable degree of scarcity, has dramatically driven up the value of the currency (Figure 1). At current exchange rates, one bitcoin is now worth over $2600 USD, although the exchange rate recently exceeded $3000 USD per bitcoin. Not surprisingly, threat actors are now looking at new ways of stealing bitcoins, including through sophisticated phishing schemes. We examine several phishing templates targeting cryptocurrencies below.
Figure 1: Increase in Bitcoin value over the last year (chart courtesy of Coindesk.com)
Blockchain.com is the largest provider of Bitcoin wallets in the world as well as a leading provider of distributed ledger technology – the software platform underlying Bitcoin and many other transactional systems. This popularity has made Blockchain.com a frequent target for cryptocurrency phishing. We have observed regular updates to phishing templates keeping them in step with design changes to the legitimate blockchain.com website. As recently as May 2020, we continued to see the following email and phishing templates in use.
Figure 2: Blockchain email lure with stolen branding from May 2020
Figure 3: Blockchain phishing landing with stolen branding from May 2020
Recently, we also observed a new phishing template and email lures in use that are consistent with the latest blockchain.com website redesign.
Figure 4: Updated Blockchain email lure; note that the app store icons link to the legitimate Blockchain app and are simply part of the stolen branding used throughout the campaigns
Figure 5: Another updated Blockchain email lure
The landing page for this phishing template has been upgraded as well and is difficult to distinguish from the legitimate site. The stolen branding and careful replication of the real site are clearly visible in Figure 6.
Figure 6: Updated Blockchain phishing landing page, with stolen branding
Figure 7: Updated Blockchain phishing login, with stolen branding
The actors behind these instances of Blockchain phishing frequently use typosquatted domains that resemble the target domain for their scams. As these scams register their hosting and domains through legitimate services, they often have a lifespan much longer than those used in most phishing scams today. Examples of these domains appear in Table 1.
Table 1: Examples of recent typosquatted and otherwise fraudulent domains used for Blockchain phishing
The email address [email protected][.]com was used to register a large number of typosquatted blockchain phishing domains in June 2020. Many of these domains are still active and have been used recently in phishing campaigns. Most recent domain registrations are concealed via WhoIs protection.
We have also observed similar typosquatting tactics being used against coincheck[.]com, which is described as “The Leading Bitcoin and Cryptocurrency Exchange in Asia” (Figure 8).
Figure 8: Coincheck phishing landing – coin-check[.]com
Some recent domains that have been registered are currently just redirecting to the legitimate coincheck[.]com. They will likely be activated at some point to lead visitors to a fake page when needed.
Table 2: Examples of recent typosquatted and otherwise fraudulent domains used for coincheck[.]com phishing
The recent increase in the value of Bitcoin has carried over to a lesser extent in alternative cryptocurrencies. While targeting online wallets is one vector of attack, another is to gain access to exchanges where users may keep virtual currency for the purpose of selling or exchanging them for other crypto or traditional currencies. For example, we observed scams targeting the popular cryptocurrency exchange Poloniex, one of the most active exchanges for alternative crypto coins such as Ethereum, Dash, Stratis, Monero, and many others. One phishing page in particular, poloniex-login[.]info, was taken down after we notified the host.
Figure 9: Poloniex phishing landing – poloniex-login[.]info with stolen branding. This site has since been taken down.
Moreover, we observed phishing scams for coins.ph, a blockchain service in the Philippines that provides banking and payment services to those in the Philippines and Southeast Asia (Figure 10).
Figure 10: Coins.ph phishing landing with stolen branding
Other cryptocurrency brands and services such as Coinbase have also been the subjects of phishing scams; actors continue to promote their kits for sale via YouTube (Figure 11).
Figure 11: YouTube promotional video for a Coinbase phishing template
The term “phishing” dates back over 20 years and was coined by attackers stealing America Online credentials. Since then, phishing schemes have continued to evolve, with actors changing their techniques to capitalize on the latest trends and new avenues into victims’ credentials and, ultimately, their wallets. In the cases described here, those wallets are virtual and contain cryptocurrencies, a means of exchanging value anonymously that has only recently received mainstream attention.
Recently, we have observed a number of phishing templates and email lures that mimic online wallets like Blockchain.com and cryptocurrency exchanges like Poloniex. These templates attempt to steal wallet IDs and credentials that allow actors to conduct fraudulent transactions with third parties or withdraw funds directly. Unfortunately, the anonymous nature of cryptocurrency transactions makes fraud even harder to detect. Users should guard their credentials carefully and be vigilant for typosquatted domains and unexpected notifications from wallet and exchange services. More importantly, online wallets and exchanges should never be considered trusted storage for cryptocurrencies.
2820803 – Possible Successful Generic Phish Jun 22
2821772 – Successful Blockchain Phish Aug 19 2020
2824382 – Successful Blockchain Phish Jan 11 2020
2825960 – Successful Blockchain Phish Apr 13 2020
2826611 – Blockchain Phishing Landing Jun 02 2020
2826612 – Successful Blockchain Phish Jun 02 2020
2826602 – Successful Poloniex Cryptocurrency Exchange Phish Jun 02 2020
2826662 – Blockchain Phishing Landing Jun 07 2020
Beware of These 5 Bitcoin Scams
Bitcoin’s meteoric rise in prices in 2020 awakened mainstream interest in the original cryptocurrency. But the rise in interest has not been without consequences. One of the downsides of new investors entering the market is the increase in the number of scams, frauds, and stories of retail investors who lose their coins to shady ventures. From ICO scandals to wallet theft and fraud, regular consumers can fall prey to crime easily.
It may seem as though it’s the Wild West for investors, but it doesn’t have to be. While there are certainly risks in the market, the opportunities may be irresistible for some. However, being cautious is always a must, and there are clear signs of scams that investors can look for. By avoiding these traps, users can better their chances of success and protect their investments. These are some of the most common scams and how they can be avoided.
- Bitcoin investors can increase their odds for success by identifying common scams, such as Ponzi schemes, fake ICOs, and fraudulent exchanges.
- One common scam, exposing bitcoin users to theft, is the sale of a hardware wallet with a compromised pre-configured seed phrase, which allows hackers to steal funds.
- Since bitcoin exchanges are unregulated, fraudulent exchanges can trap investors with the promise of unrealistic prices and heavy discounts on use.
- Websites featuring fake ICOs instruct users to deposit funds into a compromised wallet through their site, resulting in the theft of funds.
Hardware Wallet Theft
For users who are concerned with security and privacy, a hardware wallet—a physical device that stores their private keys—is an increasingly popular option. Usually, as small as keychain USB drives, these wallets offer an offline way to help crypto investors protect their bitcoin even further. However, there have been reports that some of them have built-in vulnerabilities that open them to hackers that could easily steal all a user’s holdings.
This is far from the only issue, however. According to Ofir Beigel, the owner of 99Bitcoins.com:
One scam entails selling hardware wallets to users with a ‘pre-configured’ seed phrase hidden under a scratch card. The new user is told that he should scratch the card . and set up the wallet with the compromised seed.
This creates a backdoor that allows hackers to drain funds once a wallet is activated. These scams are becoming more common, but they can easily be avoided by only accepting wallets from trusted sources.
Despite their decentralized nature, most cryptocurrencies are still bought and sold at exchanges. While this makes it easier to find the coins investors desire, there is still no regulatory body overseeing these exchanges in many countries. Thus, many investors have been left penniless when the exchanges they signed up for turn out to be traps. In December of 2020, several South Korean exchanges were exposed, leading to promises of stiffer regulations by the country’s authorities.
These scams are not hard to spot but can be costly if not avoided. One of the biggest red flags is the promise of unrealistic prices. Exchanges that promise heavy discounts on bitcoin use this strategy to lure in unsuspecting victims.
Additionally, users can check exchanges’ URLs. Web addresses should always begin with HTTPS, a sign that traffic is encrypted. Visiting unsecured websites is a bad idea, but alert investors can avoid losing thousands by looking for the right signs.
One of the best results of the cryptocurrency boom has been the rise of the initial coin offering as a way for companies to raise capital. With thousands of new blockchain-based companies entering the market with unique ideas and exciting projects, users can now back their favorite businesses easily. However, this massive explosion of ICO opportunities has inevitably raised the specter of fraud.
There are several ways scammers can separate investors from their bitcoin. One popular method involves creating fake websites that resemble ICOs and instructing users to deposit coins into a compromised wallet. Other times, it’s the ICOs that are at fault.
Centra Tech, for example, a blockchain venture backed by several celebrities, has been sued in the US. The company stands accused of portraying fake team members, misleading investors, and lying about their products. The best way to avoid these scams is close research that involves picking apart the white paper, reviewing the team behind the venture, key board members, and investors. Before making any investment, it’s vital to learn as much about the company as possible to avoid any unpleasant surprises.
Cloud Mining Schemes
Mining is the only way to extract new bitcoins without buying or exchanging them, but it has become an incredibly resource-intensive activity. Due to the unique way new coins are mined, it takes massive amounts of processing power and electricity, and thus money, to mine a coin. However, many companies now offer regular users the ability to rent some server space to mine coins for a set rate.
Some companies offer “lifetime contracts” that keep costs the same and supposedly offer outstanding returns. However, as the difficulty of mining increases, the same investment will return smaller amounts each time. Moreover, some companies make bold claims regarding their returns without being transparent about the true costs and diminishing returns. Others operate Ponzi schemes that can lead to massive losses. It’s vital to look into opportunities and understand the risks and costs associated with mining before investing.
Even in the digital spheres, many multilevel marketing schemes have emerged that offer naïve investors excellent “opportunities” for progressively larger sums of bitcoin. MLMs, as they’re known, are predicated on offering quick returns, but involve taking more money for the promise of even higher profits.
One major company that has been repeatedly outed is OneCoin, whose owners were implicated in several other shady operations. The company offered investors massive earnings, as well as luxury goods and perks for paying more.
However, there is little information on the company outside of its site, and users have left scathing reviews online. It’s important to pay attention to a company’s fine print and ensure that their claims are feasible and real. Avoiding these scams early can protect investors’ wallets.
With the current craze, being vigilant and doing one’s due diligence are a must before investing in bitcoin. The market is also showing signs of maturity, leading to better transparency and clearer rules. Regardless, a smart investor’s first step should always be careful research to ensure their investments are winners.
What to Know About Cryptocurrency
Share this page
Cryptocurrency is digital money. That means there’s no physical coin or bill — it’s all online. You can transfer cryptocurrency to someone online without a go-between, like a bank. Bitcoin and Ether are well-known cryptocurrencies, but new cryptocurrencies continue to be created.
People might use cryptocurrencies for quick payments and to avoid transaction fees. Some might get cryptocurrencies as an investment, hoping the value goes up. You can buy cryptocurrency with a credit card or, in some cases, get it through a process called “mining.” Cryptocurrency is stored in a digital wallet, either online, on your computer, or on other hardware.
Before you buy cryptocurrency, know that it does not have the same protections as when you are using U.S. dollars. Also know that scammers are asking people to pay with cryptocurrency because they know that such payments are typically not reversible.
Cryptocurrencies vs. U.S. Dollars
The fact that cryptocurrencies are digital is not the only important difference between cryptocurrencies and traditional currencies like U.S. dollars.
Cryptocurrencies aren’t backed by a government.
Cryptocurrencies are not insured by the government like U.S. bank deposits are. This means that cryptocurrency stored online does not have the same protections as money in a bank account. If you store your cryptocurrency in a digital wallet provided by a company, and the company goes out of business or is hacked, the government may not be able to step and help get your money back as it would with money stored in banks or credit unions.
A cryptocurrency’s value changes constantly.
A cryptocurrency’s value can change by the hour. An investment that may be worth thousands of U.S. dollars today might be worth only hundreds tomorrow. If the value goes down, there’s no guarantee that it will go up again.
Investing in Cryptocurrency
As with any investment, before you invest in cryptocurrency, know the risks and how to spot a scam. Here are some things to watch out for as you consider your options.
No one can guarantee you’ll make money .
Anyone who promises you a guaranteed return or profit is likely a scammer. Just because an investment is well known or has celebrity endorsements does not mean it is good or safe. That holds true for cryptocurrency, just as it does for more traditional investments. Don’t invest money you can’t afford to lose.
Not all cryptocurrencies — or companies promoting cryptocurrency — are the same.
Look into the claims that companies promoting cryptocurrency are making. Search online for the name of the company, the cryptocurrency name, plus words like “review,” “scam,” or “complaint.”
Paying with Cryptocurrency
If you are thinking about using cryptocurrency to make a payment, know the important differences between paying with cryptocurrency and paying by traditional methods.
You don’t have the same legal protections when you pay with cryptocurrency .
C redit cards and debit cards have legal protections if something goes wrong. For example, if you need to dispute a purchase, your credit card company has a process to help you get your money back. Cryptocurrency payments typically are not reversible. Once you pay with cryptocurrency, you only can get your money back if the seller sends it back.
Before you buy something with cryptocurrency, know a seller’s reputation, where the seller is located, and how to contact someone if there is a problem.
Refunds might not be in cryptocurrency .
If refunds are offered, find out whether they will be in cryptocurrency, U.S. dollars, or something else. And how much will your refund be? The value of a cryptocurrency changes constantly. Before you buy something with cryptocurrency, learn how the seller calculates refunds.
Some information will likely be public .
Although cryptocurrency transactions are anonymous, the transactions may be posted to a public ledger, like Bitcoin’s blockchain. A blockchain is a public list of records that shows when someone transacts with cryptocurrency. Depending on the cryptocurrency, the information added to the blockchain can include information like the transaction amount. The information also can include the sender’s and recipient’s wallet addresses — a long string of numbers and letters linked to a digital wallet that stores cryptocurrency. Both the transaction amount and wallet addresses could be used to identify who the actual people using it are.
As more people get interested in cryptocurrency, scammers are finding more ways to use it. For example, scammers might offer investment and business “opportunities,” promising to double your investment or give you financial freedom.
Watch out for anyone who:
- guarantees that you’ll make money
- promises big payouts that will double your money in a short time
- promises free money in dollars or cryptocurrency
- makes claims about their company that are not clear
Cryptojacking is when scammers use your computer or smartphone’s processing power to “mine” cryptocurrency for their own benefit, and without your permission. Scammers can put malicious code onto your device simply by your visiting a website. Then they can help themselves to your device’s processor without you knowing.
If you notice that your device is slower than usual, burns through battery power quickly, or crashes, your device might have been cryptojacked. Here is what to do about it:
Close sites or apps that slow your device or drain your battery.
Use antivirus software, set software and apps to update automatically, and never install software or apps you do not trust.
Do not click links without knowing where they lead, and be careful about visiting unfamiliar websites.
Report fraud and other suspicious activity involving cryptocurrency, or other digital assets to:
Best Binary Broker!
Perfect for beginners!
Free Demo Account! Free Trading Education!
Only for experienced traders!