Advertisement PDAX Banner

Phishing, Scams, and Exploits: How to Protect Your Crypto Assets | Webcast

Photo for the Article - Phishing, Scams, and Exploits: How to Protect Your Crypto Assets | Webcast

Na-scam ka na ba sa crypto? Paano makaiwas at hindi na mabiktima ulit?

Watch our interview here:

Phishing, Scams, and Exploits: How to Protect Your Crypto Assets | Webcast 53

The blockchain industry, being in the internet space, is not prone to digital fraud such as hacking, scams, exploits, and phishing. What is more painful is that it involves money, and it is really hard to accept when we lose our hard-earned investment profit because of unfair activities. 

  • To give us tips on how to secure our assets, the BitPinas Webcast has invited Icesteam Jimenez of IMPACT, or the Innovative Movement of the Philippine Association of Crypto Traders.ย 

Whatโ€™s the Significance? Receiving free tips on how to avoid falling victim to crypto fraud from those who have experienced it themselves should be considered โ€œsulit.โ€ย 

What is Phishing? 

  • According to Jimenez, phishing is not just in web3, it is because he already experienced it before while playing World of Warcraft, a massively multiplayer online role-playing game (MMORPG) released in 2004 by Blizzard Entertainment.ย 
  • He shared that the phishing activity he encountered was when he received an email that his account was compromised and he gave his account and password.

โ€œWhat is phishing is that kung mayroong magti-trick sayo into revealing something and then compromise your assets.โ€

[โ€œPhishing is that if someone tries to trick you so you can reveal something so that they can compromise your assets.โ€]

  • In crypto wallets, phishing occurs when bad actors trick the trader into supplying them with the traderโ€™s seed phrase or private key, as explained by BitPinas EIC Michael Mislos.ย 
  • Common phishing techniques include fake websites, sending emails, fake links, or PDFs, and social engineering.ย 
  • โ€œNung nauso yung airdrop, dumami talaga yung phishing kasi nagpo-post sila ng claim link. Minsan tuldok lang yung difference or may isang letter lang naiiba,โ€ Jimenez added.ย 

What are the common crypto scams? 

โ€œSiguro iyong magpapa-trade ka sa kanila para kumita. Thatโ€™s one na medyo uso na ipapa-trade mo sa akin, tas makakakuha ka ng fixed return. โ€

Advertisement PDAX Banner

[โ€œThose who will promote that they can trade on your behalf with a promised interest. That scam is so commonโ€”you will let me trade your finds, I will promise you a fixed return.โ€] 

  • What he is saying is that there are schemes online where they will convince investors that they will be the ones to trade on behalf of the investor. And in return, the investor will receive interest.ย 
  • However, they will run with the investment money, and none of the promises will happen.ย 

What are the red flags to detect fraud?

On phishing: 

โ€œMahirap ma-detect kung may phishing. One thing I think na dapat gawin is to do due diligence. โ€˜Wag mo agad i-click yung mga link, pasok ka muna sa community nila.โ€ 

[โ€œIt is hard to observe if there is a phishing fraud. For me, one of the ways that can be done to prevent this is to do due diligence. Do not click the received links, go to their community first to verify.โ€]

On crypto scams: 

โ€œKung may kakausap sa inyo, kapag ayaw magpakita ng mukha, red flag na โ€˜yun. For prevention (na ma-scam), pilitin niyong video call at magpakita ng mukha.โ€

[โ€œIf someoneโ€™s talking to you, and they do not want to show their faces, thatโ€™s a red flag. To prevent falling from scam, try to talk to them through a video call and let them show their face.โ€] 

What is the liability of hacking accidents? 

  • During the webcast, one of the viewers asked if the moderators and administrators of a community channel are liable once the channel has been hacked or compromised and a phishing link was clicked by its members.ย 
  • โ€œTechnically wala, kasi wala naman kayong pinag-usapan through kontrata. It really boils down talaga sa individual safety.

Experiences on exploits

  • According to Jimenez, he had a friend who was using a Trezor hardware wallet and became a victim of a hacking incident because of a hacker exploited a smart account.ย 
  • He then advised that it is good to use Rabby Wallet, because it allows users to revoke โ€Œprevious transactions that a hacker could use to exploit an account.ย 

Practices to avoid scams, phishing, and exploits

General security measures: 

โ€œIn joining airdrops, create a separate wallet or email and do not join through the main wallet where the majority of the assets are located.โ€

In 2FA: 

โ€œUse a different device where the two-factor authenticator app can be accessed, not on the main gadget that is used for trading and airdrop farming.โ€

In storing private keys: 

โ€œKapag bumili ka ng hardware wallet, may binibigay sila usually na maliit na papel kung saan pwedeng isulat yung seed phrase, gamitin niyo yun.โ€ 

[โ€œIf you buy a hardware wallet, they usually give a small paper where you can write your seed phrase. Use that paper.โ€]

What anti-virus should be used?

โ€œWala naman akong mai-recomment. Ngayon ang gamit ko ay Bitdefender and ngayon ang gamit ko ay Avast. It is up to you kung saan ka comfortable na gamitin. There is no restriction, basta mayroon kang at least isa.โ€ 

[โ€œI cannot recommend specific brands. But for now, I am using Bitdefender and Avast. It is up to you on what brand you are comfortable to use. There is no restriction. Whatโ€™s important is you have one.โ€] 

On using hot wallet over a hardware wallet

โ€œAng maganda siguro ay gumawa ka ng maraming wallet, may pang-airdrop, may main wallet. Tapos kapag na-collect mo na yung airdrop rewards mo, ilipat mo na lang sa main wallet โ€˜yung assets.โ€

[โ€œIt is a good idea to create multiple walletsโ€”one for airdrop, while the other as main wallet. If you already have collected your airdrop rewards, then you can transfer those rewards to the main wallet.โ€]

But he advised that traders should still invest in hardware wallets. 

This article is published on BitPinas: Phishing, Scams, and Exploits: How to Protect Your Crypto Assets | Webcast

What else is happening in Crypto Philippines and beyond?

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.