Head of Google’s Email Security Team Warns Bitcoin Users About Sharing Crypto Portfolios on Public Forums
Mark Risher is the lead of Google’s security team for email. His role involves watching for email fraud, abuse, identity concerns. In a recent interview with CNBC, Risher had to bring up a common topic for users – reducing the risk of threats to email accounts.
One of the most obvious ways that users actually put themselves at risk is by bragging about the number of Bitcoins they hold, especially on message boards. This is an obvious habit that needs to end, because many scammers take to social media and other message boards to find the most likely victims. Consumers that are comfortable with posting this type of information on a public forum are more likely to be targeted and eventually victimized.
“It could just be a case of mistaken identity or guilt by association. They could be using someone who seems to be low value to pivot toward somebody considered a higher value target, like somebody political in nature… Or maybe they saw that you were discussing Bitcoin on a public message board.”
If this is the case, Risher says that it would relatively easy to hack social profiles and email accounts to ultimately gather the personal information they need. Small tidbits, like a maiden name or birth date, can help them enter financial accounts and crypto wallets, resetting the password before the user can protect themselves. They end up locked out of their own account, with no way of seeing what is going on with their funds.
Many people believe that they are too smart and too protected to become victims of an email scam nowadays, but the types of scamming done nowadays are drastically different. The potential hacker takes the time to learn about their victim, which means that any message is as familiar as one from a loved one. Furthermore, many people end up forgetting about the posts that they have made on forums after a while, allowing attackers to gather information that users do not even realize is out there. Even if their own information is not out there, there is evidence to suggest that simply being connected to someone with public posts can be a gateway for attackers.
Considering the recent attack on the MEGA chrome extension, Google users need to be more careful than ever. The attackers managed to gain access to usernames, passwords, and wallet addresses from multiple retail sites. Some of the website used to gather these details include Amazon, GitHub, Google, and Microsoft.