Security check part two: Scams and spam
This is the second part of our two-part series about personal security best practices in the cryptocurrency space. Be sure to check out part one on SIM hacking.
Dramatic crypto market bull runs are fun and exciting for several reasons — after all, who doesn’t like looking at green charts with high-percentage gains?
But one big downside to increasing prices of crypto assets is that as the level of market activity increases, so too does the level of shady tactics designed by fraudsters.
Here is a quick list of lessons that the support and operations team has put together based on talking to thousands of Abra users over the last several years.
Lesson one: Easy money attracts fraudsters
This is a historical problem. For as long as people have been saving money and collecting assets, there have been fraudsters trying to swindle them.
So fraud isn’t necessarily a crypto problem. It’s more like a money problem. But since cryptocurrencies are a new form of technology, and require a new kind of infrastructure (digital exchanges, wallets, etc.) fraudsters are taking advantage of the ambiguity and lack of long-established processes to find new ways to steal.
So while there is not a specific security tactic to implement here, the general advice that applies elsewhere also applies to crypto: “If it sounds too good to be true, it probably is.”
Lesson two: Don’t trust, verify
One of the most common scams that happens across the crypto space and that has repeatedly been reported by Abra users is that fraudsters will reach out to people promising guaranteed returns in exchange for bitcoin.
So the fraudster might say something like, “If you send bitcoin to this address, we will keep it safe and send you double the amount in three months.” While this might sound ridiculous laid out in a blog post, fraudsters actually pull this off by being very convincing and making their scam look and sound legit.
Another variant of this scam is that fraudsters will reach out to people offering a job or some kind of economic opportunity saying something like “All you have to do is download this app, provide your bank info and recovery phrase, and we will deposit money into your account.”
Again, this scam sounds silly when laid out here, but fraudsters can be convincing and can pull off these scams in a way that people don’t realize they are being scammed until it is too late.
The key point is to verify everything if anyone is asking for information related to your crypto holdings, your crypto wallets, or your banking information.
Be advised that Abra will never ask for your wallet information or identifying details through email or social media.
Lesson three: Recovery phrase safekeeping
Abra wallets all have a unique recovery phrase that provides a layer of insulation between security intrusions such as SIM hacks and your crypto assets.
But the recovery phrase only really works if it is properly secured and not widely shared or accessible. For example, if you take a photo of your recovery phrase and then that photo is stored on a cloud that is vulnerable to a hack, your wallet is no longer secure.
So be mindful of your recovery phrase and do not share it with others.
Lesson four: This above all else — cold storage
There is no question that the best and most secure long term method of securing crypto assets is in cold storage.
Cold storage can take on a number of forms and formats, but the general goal is to put an air gap between the internet (and potential intruders) and your assets.
There are a number of cold storage options — ranging from paper wallets to hardware wallets. The key is to find a solution that works for you and build security practices around it.
The security habit
One of the great advantages of an Abra wallet is that it provides the ease of a mobile cryptoasset investing experience with an added layer of security with the private key recovery phrase system.
However, good crypto security is kind of like forming any kind good habit — there is a little bit of learning curve and then a commitment