Personal crypto wallets security threat
One of the threats to personal information (when stored on phones) has always been SIM Swapping. And lately SMS messages used for a two-factor authentication (2FA) method became a trend in the theft of crypto wallets.
The use of SMS messages for 2FA is very popular due to its convenience. But one should stay cautious, as hackers have invented a relatively simple method for taking complete control over users fingerprints. Essentialy, SIM Swap happens when a fraudster convinces your phone carrier to switch to a new SIM card under his control. As a result, the attacker transfers the mobile number to their new SIM card and bypass 2FA.
SIM Swapping for cypto thefts
Nowadays people rarely miss the opportunity to connect their phones to all types of subscriptions and services. It’s convenient and fast, but when it’s also very dangerous, when speaking about banking accounts and crypto wallets. The thing is that the majority of mobile crypto wallets are secured with 2FA, so in case an attacker gains access to your phone number, you will most likely lose all your savings in no time. E.g. in January this year, Michael Terpin’s mobile crypto wallet was hacked for $23.8 million following an AT&T account representative transferring his cellphone account to an international criminal organization.
How to make your crypto wallet safe
One of the simplest and most effective ways to prevent a SIM Swap is just not to use a phone. Store your crypto offline in a cold wallet. In case you decided to stick with 2FA, it’s better to use authentication apps such as Google Authenticator and YubiKey, which represent significantly better options for managing 2FA.
Along with another advice, one should consider:
• Always to opt out of SMS 2FA and choose Google Authenticator 2FA;
• Request that your bank and phone carrier set up a verbal password;
• Make sure to enable 2FA with Google Authenticator on your Gmail account (as this is likely the first target);
• Consider a secondary offline device for your 2FA codes;
• Do not store 2FA reset codes on a computer — write them down.
Remember, that implementing the right security measures can help protect you from a disaster. And whether you’re just getting ready to dive in the crypto world, or already has a real experience in the sphere, you can’t miss the biggest crypto conference — CRAC 2018.
Join us at: cryptoaffiliateconf.com and you will hear from the top crypto speakers around the world!
