The Ever Expanding World Of Cryptocurrency Scams On Mobile Devices
The cryptocurrency space is thriving again after experiencing one of the longest crypto winters in 2018. The price charts, trading volume, as well as the sentiment in the community, is mimicking similar trends as that of 2017 when Bitcoin touched its all-time-high price of around $20k. However, the rise in popularity of crypto has also garnered a lot of unwanted attention from cybercriminals.
The scams related to cryptocurrencies are easier to pull off given the poor level of understanding among the majority, most of whom are only flock the decentralized space to make some quick money. The anonymity and privacy features of crypto make it the favorite choice for cybercriminals, which they use to their benefit to bypass the traditional banking systems and avoid any financial surveillance from regulators.
The Age Of Mobile Device Related Crypto Scams
A majority of the modern day population are heavily dependent on their mobile devices as their daily driver. Thus, cybercriminals have also shifted their focus towards mobile devices, leading to an increased number of mobile crypto scams in recent times.
We will look into most common mobile-centered scams that these scammers prey upon, and also look into certain preventive measures to avoid being a victim.
Fake Cryptocurrency Exchange Apps
Scammers have been known to create fake cryptocurrency exchange apps which mimic the real service providers, and trick the users into falling for the scam with paid reviews and ratings. The most prominent example of such scam came in 2018 in the form of fake Poloniex exchange app which made its way onto Google's Play Store before the official release of the applications.
Many users fell for the scam as it was well made and was functional too. Those users who used the fraudulent application mistaking it for the original logged into the app, and lost their cryptocurrency holdings from the exchange. Interestingly only those accounts which did not have a two-factor authentication were compromised.
Precautionary Measures To Avoid Such Scams:
- Make sure to verify any new application with the official website whether they have indeed any similar application. Most of the important release from a firm comes along with an official announcement or a press release, so verify that as well.
- Read the reviews carefully, even though most of the reviews can be bought, still, there will be a few real ones lost in between which might provide a clearer picture.
- Check the developer information of the application as most of the genuine ones trace back to the original website.
- Check the download count, a genuine and good application has many takers while the fake ones do not have those many downloads.
- Always use application with two-factor authentication, so that even if your account gets compromised there is another way to recover it.
Fake Cryptocurrency Wallet Applications
Fake cryptocurrency wallets have become the easiest way for scammers to phish ignorant users and rob them of their crypto assets. Generally, fake crypto wallet apps seek to obtain sensitive private data like the private keys and password. In some cases, these fake wallet services provide the same wallet address to all the users.
Recently two fake wallet applications in the form of Trezor Wallet and Coin Wallet were delisted by Google from its play store. Most of these fake wallets have already caused users to lose their hard-earned crypto holdings. Let us see what as a user one can do to avoid getting scammed:
- Make sure any new wallet app that you download generate a new wallet address, and you have the private key for the same. Also, genuine wallet apps provide the option to export the private keys.
- Ensure to check for an official statement or announcement from the original website.
- Look for the verification email, and try to trace it back to the original website.
Cryptojacking has become one of the easiest and most preferred ways of scamming for cybercriminals as it requires the least of efforts and in most cases, the victim does not even know that their mobile has been compromised.
The process of crypto jacking involves hackers planting mining malware onto a website, and when a user visits that website, the malware gets planted onto their devices which uses the computational power of their device to mine cryptocurrencies. It has been noted that in recent times hackers are not just limited to planting small malware, but they are creating fake mobile applications and gaming apps to phish new victims.
Some of the precautions one can take to avoid crypto jacking attacks
- Always visit websites which are deemed secure.
- Never click on advertisements which seems too good to be true.
- Use a genuine anti-malware to avoid crypto jacking malware.
- Download any application only from the official website of the service provider.
Sim Swapping scams require the hackers to get access to the phone number of a user by tricking the mobile operators to issue a new Sim Card for the same user. The biggest swim swapping fraud came in the form of Michael Terpin losing $20 million worth of cryptocurrencies.
Once a cybercriminal gets hold of a victim's phone number, it becomes a cake walk to bypass the two-factor authentication. Some criminals also prey upon the network glitches to hijack into victim's SMS history and then steal important information.
In order to avoid being a victim, one must keep the following instructions in their mind:
- Avoid using SMS service for two-factor authentication, instead of that, you can go for applications like Google Authenticator. Hardware authentication has also become an alternative to avoid such scams.
- Avoid splashing your sensitive private information like your phone number on social media, as the scammers can easily get access to those.
- Avoid being a show-off, try not to announce it to the world that you hold cryptocurrencies.
- Also, make an arrangement with your mobile service provider to help you keep your data secure.
Mobile Devices have become an integral part of our daily lives, and our dependence on these devices has become a real vulnerability for our private information. So, the security of your mobile device as important as your bank account as one mishap can lead to another and cause you a ton of damages. So make sure you use a device or an Operating system which is known to protect user privacy.