fbpx
(661) 281-4000

Cryptocurrency Scams to Avoid

You’ve probably heard a little something about cryptocurrency. Does Bitcoin ring a bell? The price of this and other cryptocurrencies has been soaring, and it’s driving a mania-style frenzy on Wall Street.

There is so much hype about alt-coins lately that there are now reports of people even taking out second mortgages and home equity lines to buy them. Crazy, right?

For years, financial analysts have warned people to stay away from cryptocurrency by arguing that it was too volatile to be a safe investment. However, with prices going sky-high, it’s hard for investors and entrepreneurs to sit on the sidelines while a major new asset class emerges.

However, before you get lured in by the shiny new penny, you need to understand the risks. Cryptocurrency markets aren’t just volatile, they are also extremely murky and riddled with fraud. Since the launch of Bitcoin in 2009, these markets have been plagued with cyberattacks and scams that have cost investors millions of dollars. To make matters worse, cryptocurrency isn’t protected by the FDIC, so losses due to theft are nearly impossible to get covered.

So how do these cybercriminals do it? There are two main ways cryptocurrency investors can lose their shirts to scammers, among the many.

The first is when hackers attack the infrastructure underpinning these coin markets, for example: exchanges, digital wallets, mining companies, web host services, etc. The second is when criminals target investors directly. There are a variety of these online scams, which often use social engineering tactics, but the primary ones to worry about are initial coin offering (ICO) fraud, phone-porting, fake wallets and malware.

While there’s not much investors can do to protect themselves against attacks on the cryptocurrency system, they can take measures to lower their own risk of falling for a targeted attack.

Here’s a breakdown of these four attacks and ways to reduce the threat:

Initial Coin Offering (ICO) Fraud

An ICO is when a newly invented cryptocurrency is launched to investors. Needless to say, this is an unregulated and risky activity all by itself, but it is also plagued by scammers. There are two ways ICO fraud happens. The first is when criminals create a fake ICO and steal any money that investors give them. This is what happened in December, when the SEC shut down the PlexCoin ICO, which it alleges was a $15 million fraud.

The second type of ICO fraud is when hackers “spoof,” or impersonate, a legitimate ICO and trick investors into paying them instead of the real company. This happened recently with messaging giant Kik’s ICO, which goes to show it can affect even well-established companies. Typically, cybercriminals will create a fake website or social media account and use phishing emails to promote a phony “pre-sale” offer or other trick.

Security tip: Do sufficient research on an ICO before buying in. Check industry sites like CoinDesk to verify the legitimacy of a claimed ICO. Don’t fall for hard-sell tactics or too-good-to-be-true offers, especially when received over email or social media messaging, as these are likely phishing attempts. See the SEC’s tips on ICO investments if you’d like more information.

Phone-porting

Cell phone identity theft, also known as “phone-porting,” is when criminals commandeer a person’s phone number by tricking the mobile provider into giving them control of the account. Once they have the phone number, they can reset the password to a digital wallet and drain the account. Since these cryptocurrency transactions can’t be reversed, the investor can lose everything. According to Federal Trade Commission statistics, phone-porting attacks in general rose by 256 percent between 2013 and 2016.

Security tip: Mobile providers usually recommend adding a unique PIN and verification question to the account to improve security. However, a better solution is to switch two-factor authentication from SMS to a third-party service like Google Authenticator.

Fake digital wallets

Cryptocurrency has to be stored somewhere, and investors often use virtual wallets. The problem is that fake wallets occasionally appear online or in mobile app stores, and they may steal investors’ savings. This happened recently with the bitcoin gold wallet scam, which reportedly stole $3 million. On December 10, the popular service MyEtherWallet warned customers about a fake MyEtherWallet digital wallet app, which had risen to No. 3 in the iOS App Store’s finance category.

Security tip: Before selecting a digital wallet provider, do your homework. Only use services that have a solid track record. Another option is to use an offline hardware wallet.

Bitcoin-stealing malware

Recently, a new category of malware has emerged that specializes in one activity—stealing bitcoins. It can do this in a few different ways, such as stealing log-in credentials or the wallet itself, or getting in the middle of a transaction.

Security tip: Use a robust antivirus program and an inbound/outbound firewall to protect your computer. Use two-factor authentication and a password manager to protect the log-in.

Cryptocurrency investors face a lot of risks, not the least of which is scamming. Since this market is largely unregulated and unprotected, it is up to individual investors to account for their own security. Follow the above tips, and also take additional measures, such as encrypting the internet connection with a VPN (virtual private network). It’s also not a bad idea to consider using a dedicated computer (i.e., it does nothing else but log in to your bitcoin account) to be safer when performing these transactions.

With the onslaught of new technology hitting the market every month, it’s easy to fall for the convenience of having a smarthome, a smartphone, and a smartcar. We all fawn over the commercials showing a person commanding their house to dim the lights, set the oven to pre-heat, put on a show, and adjust the thermostat. How easy and wonderful that all looks!

But there’s a much darker side to having everything connected like that. No commercial will advertise the dangers of having your entire home (and everything inside) at the mercy of cybercriminals. Nowadays, cybersecurity is more important than ever.

ARRC, give me some examples.

Well, there was a hacker who broke into a baby monitoring system. When the parents walked into the baby’s room, the remotely-controlled camera moved to point at them, and the cyberattacker proceeded to scream obscenities at them.

Reacting as expected, the parents immediately pulled out the electrical plug for the monitoring system and it shut down. In the aftermath, the company who made the monitoring system announced and posted a patch to make the systems more secure, but many systems are still being used without the patch. People these days can’t be inconvenienced with updating their software, but the risks are not worth avoiding those updates.

If a video monitoring system being hacked isn’t troublesome enough for you, think about all the other dangers. Cars with controls that can be operated remotely is a prime example. A hacked video monitor can’t kill you, but a hacked car speeding down the highway certainly can.

Take it a step further. Remotely-controlled insulin pumps have even been hacked. Thanks to the way the security protocols on those devices are rigged, the murderer would likely never be caught. Scared yet?

Sorry ARRC, none of this applies to me.

Yes, you may be thinking, this doesn’t apply to me. I don’t have a remotely-controlled car or an insulin pump. But you do access the internet from home, don’t you? A US cybersecurity firm found 300,000 compromised routers in homes around the world. In 2012, a group of cybercriminals from Brazil successfully attacked 4.5 million home routers and gained access to bank accounts and sensitive financial information.

So unless you live in a pineapple under the sea and don’t have internet at all in your home, you are definitely in need of proper cybersecurity measures.

If you really want a smarthome (or any other highly-advanced and internet-based product), do not install internet controls on critical components and make sure you have a cybersecurity plan and strategy in place to make sure criminals cannot access your home, your car, your financial information, your family mementos, or anything else you value.

On a final, and comical, note: Before getting a divorce, a married couple had installed smart controls on the HVAC system in their home. After splitting up, the woman did not change the passwords for HVAC access. The former husband started freezing the woman and her new boyfriend in the winter by turning on the A/C and also turning on the heat in the summer.

Back in its debut in 2007, Amazon’s first Kindle was revolutionary. It gave bookworms the ease of having hundreds of books at their fingertips, and encouraged non-readers to finally get into the magical world of reading without having to actually shop for physical books. All at once, libraries were reduced to a 6-inch grayscale e-ink display, and the world was fascinated.

Fast forward to 2017, and it’s the Kindle’s 10th anniversary. We haven’t really seen much difference in the past versions besides the streamlining of the display and touchscreen integration, but for its tenth birthday, Amazon has pulled out all the stops for its beloved Kindle.

With the holiday season coming up, here are our five top reasons why you should purchase the new Kindle, either for yourself or for a loved one.

  1. It’s waterproof.

Yes, you read that correctly. The new Kindle Oasis boasts IPX8, which means it can handle pools, bathtubs, hot tubs, oceans, and just about any other water feature you can imagine. Now you can read your Kindle while relaxing in a bubble bath, or take it to the pool and not worry about the kids splashing nearby. We don’t recommend reading it in the shower though, not because it would do the Kindle Oasis any harm, but because you’ll get all pruney and go through hundreds of gallons of water while you’re lost in your book. Just saying.

  1. It plays Audible audiobooks.

For some, listening to books being read to them is more enjoyable than reading. Or sometimes, because our attention is needed elsewhere, we don’t have the luxury of reading traditionally. Many Kindle fans have been requesting an audiobook feature so they could keep all their forms of books on one device. If you’ve ever used the Kindle app on your smartphone, you have a rough sense of how the Audible experience works. Unfortunately, there’s no headphone jack on the Oasis, so Bluetooth headphones or speakers are your only options. Which, let’s be honest, we all have these days anyway. If not, check out these incredibly affordable Bluetooth earbuds.

  1. It has a 7-inch screen.

Amazon has boosted up the screen from a 6-inch display to a 7-inch display, and used that extra space to add some extra battery as well. There’s a faster processor and more storage, too. Now you can up the font size and not worry about running out of screen space, or you can shrink it down and get a lot more words on the page. It all depends on your reading comfort, of course. That extra inch allows for more freedom, and we’re happy about it.

  1. The use of e-ink and e-paper.

These aren’t new features to hit the Kindle, they’ve actually been some of the best selling points from the start. E-ink is a paper-like display technology, characterized by high visibility and contrast. It has a wide viewing angle and low power requirements. Used with the Kindle’s e-paper display, e-ink reduces eye strain and can be read in direct sunlight without a glare. E-ink and e-paper used together mimic a real book that has real ink on real paper. Bookworm holdouts that can’t stand the idea of reading on an electronic device should try the Kindle Oasis. They will be pleasantly surprised.

  1. Price point

The new Kindle Oasis costs $250 for 8 gigabites of storage, which should be plenty for all but the most hardcore audiobook and book lovers. If you plan to read constantly until the day you die, the 32 gigabite model runs $280. We recommend utilizing the cloud features so you don’t have to store all your books and audiobooks on the device itself, but if you plan to move to a remote mountain town with no internet ever again, load up that 32-gigabite model and be happy.

If these five reasons didn’t sway you, we fear nothing will. The Kindle has replicated the joys of reading a real book as closely as possible, with e-ink and e-paper, and allowed access to millions of titles at the touch of a finger. Many public libraries also have a lot of their titles available to borrow in Kindle format, so you’ll never be without a good book in the tub.

Everyone is probably tired of hearing about Equifax at this point, but the silver lining to the insane media coverage is bringing awareness to the general public about the consequences of lax cybersecurity. Once personal information has been leaked into the hands of a cybercriminal, it’s easy for them to steal your identity and from there, the possibilities are endless. Harming your credit score, gaining access to your financial institutions, and having open access to your friends and family are just a few of the things a criminal could use your stolen identity for.

Staying vigilant about identity theft is a crucial part of keeping your information safe and secure. Some of these red flags sound like common sense, but you’d be surprised at how many people brush off incidents that should prompt immediate action.

Here are some of the most common red flag warnings of identity theft from the Federal Trade Commission (FTC):

A good first step is to create an account on the Social Security Administration website before anyone else does. This way, you can at least check your Social Security earnings to see if anything looks off. You’ll need to have some information on hand, as the site will ask you about specific accounts you have open to verify your identity, and if you provide a wrong answer, you’ll be locked out for 24 hours. Caveat: if you’ve already placed a fraud alert or security freeze on your credit report(s), you won’t be able to do this online and you’ll have to either remove the freeze or go into your local Social Security office.

Also, the FTC suggests filing your taxes as early as you can before a potential scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. And always respond right away to letters from the Income Revenue Service (IRS).

If reading through the red flags, you now suspect someone is using your identity to open lines of credit, apply for jobs, or other activities, file an Identity Theft Affidavit and create an Identity Theft Report with the FTC. You can file this online or by phone or mail:

Remember, the best defense when it comes to identity theft is to stay aware of all your accounts and to take action immediately if something seems off.

While security systems play a large part in keeping your data safe from cybercriminals, your people are equally responsible when it comes to proper online procedures. Programs work to keep attackers out, but your staff has the power to let someone in. This is why a security-savvy staff is crucial when it comes to protecting your business. Here are tips on who these knowledgeable people are, how to get them on your team and what they bring to the table.

The Who

Security-savvy employees not only stay informed on the latest security breaches within other organizations, but they also understand the impact that data loss can have within their own company. They attend training sessions voluntarily, they focus on security reminders, they use safe cyber-practices, and they have good cyber-habits.

What are some good cyber-habits? Having strong passwords and refraining from using company documents on personal devices are some examples. These valuable staff members know the different types of malware, or at least the basics of malware, and they don’t put the full responsibility of cybersecurity on the IT department. If your business is a sports team, your employees are your players. You’re only as good as they are.

The How

These savvy employees might seem too good to be true, but they’re out there. And they might even already be on your payroll. Incorporating security into your current company culture by educating, training, and updating your staff can grow security experts from within. Your staff plays an active role on a daily basis just by being connected to your network and emailing outside sources. The true success of your company’s cybersecurity starts with them.

Make training fun and not a long, drawn-out prison sentence. Studies have shown a lot of the reason why adults say they don’t like to read is because they were forced to for years in school. The moment they had any freedom, they never picked up another book. It wasn’t because they didn’t actually enjoy reading, it was because they were relieved to be free of the requirement. So make sure the trainings aren’t force-fed to your employees or else they may just be lax on purpose.

The Benefits

While it’s seemingly impossible to completely prevent an attack, strength comes from within. Your people are the core of your organization. If they don’t adopt your cybersecurity processes, then any systems you have set up won’t be as effective as they should be. Making sure your staff knows they play a central role will motivate them to stay informed of why and how they can better the security of the company. When employees take ownership of their cyber-responsibility, the business as a whole will strengthen. And if you’re a business owner, you can rest easy at night knowing your team is all on the same page when it comes to protecting your valuable data.