How to avoid getting your exchange account HaCkEd or pHiShEd

[xtraelv]

Scammers are very sly - can you spot the difference between the real https://www.cryptopia.co.nz  and the fake https://www.cryptopía.co.nz ?
Click on them and see the difference.

Often users think that their accounts are getting hacked or the exchange has been compromised. This is usually not the case. Most of the time users have been the victim of a phishing scam. Some quite basic but often quite sophisticated.


  
Some exchanges do not have a phone app - MOST advertised apps are scams
Be extremely careful clicking links from search engines - popular search engines like Google and Bing have scam sites listed.
Most exchanges do not have a support phone number - phone numbers advertised on third party sites or forums are usually scams
Official Twitter accounts are often spoofed - Make sure the twitter account is REAL and not a scammers CLONE. Differences are often very subtle.
Cryptopia does NOT have 2FA via SMS - this is a scam
Exchanges send emails using their registered domain - anything else is a scam. BinanceSupport@gmail.com is not real.
Also make sure that the email is not spoofed - it may look like the genuine sender. Don't click on links in emails.
BOTs are great but also carry risk - If you use a BOT you may get scammed. Free BOTs are often a scam.
Exchange staff will NEVER ask for your password or 2FA - if you give it to someone you will get scammed
 
The ONLY safe way to resolve a support issue is through a support ticket on the site you have the problem with.
Social media and forum help is unable to be safely verified. - You won't know for sure if they are staff or a scammer.
Social media accounts have been hacked and fake accounts have been verified by twitter.


 


People need to take more security precautions:  
Use google Authenticator or alternative DYNAMIC 2FA.
Use an email account with 2FA enabled and used the highest security settings that is not used for anything other than the exchange.  (gmail or protonmail)
Do not use apps on your phone if you use your phone for Crypto or the crypto email. Scam apps target crypto users.
Other apps on your phone can compromise the security of your phone.
Do not have Crypto wallets on the computer you use for account access.
BEWARE : Some coin personal wallets contain viruses and keystroke loggers that may steal the information from your computer.
Have a firewall, anti virus and anti malware from a reputable provider.
Do not click on links from seach engines or other sites to go to your exchange.
Always check the site security certificate.
Do not use bots unless you are 100% certain the bot is safe. Limit bot access to your funds by having multiple accounts. Most advertised bots are scams and will steal your crypto. Only get your bot from a reputable vendor.
Avoid WIFI - public wifi and unsecured WIFI is very unsafe. All WIFI is vulnerable.
Do not log onto and exchange with computers you don't own or have full control over.
NEVER EVER give your password or 2FA to someone else.
Use different email addresses and different passwords for different exchanges.



Scammers are now using DODGY security certificates. Make sure the security certificate is from the correct certifier.
 
TROJAN ALERT: https://www.bleepingcomputer.com/news/security/evrial-trojan-switches-bitcoin-addresses-copied-to-windows-clipboard/ is a trojan virus which changes any cryptocurrency address that is on your clipboard to a different address - ALWAYS take care to ensure the address that has been entered is the one you're intending to send to.


  
Using a pin for 2FA is not recommended. It is easy for a hacker to use a keystroke logger on your computer to gain access to your password and pincode.
Some recent coin wallets have had keystroke loggers and viruses built into them. For this reason you should never have coinwallets on the computer you use to access an exchange.
 

 
An exchange has no way of identifying a thief if they use valid logon credentials. It is like when your bank card AND PIN have been stolen - the ATM or bank is not at fault.
If you visit a scam site that looks like your exchange you are giving the scammer your email address, password and 2FA
That is not hacking - it is known as phishing. The exchange has no way of knowing that a scammer has all your VALID login cerdentials because YOU have accidentally given it to them.
For this reason you should take extreme care in keeping your logon credentials safe. For extra security use a unique email address that you only use for only one exchange. Have 2FA enabled on that email addres as well. SMS reset or SMS for 2FA is not particularly safe.


 
https://haveibeenpwned.com/ You can check here if your email address has been compromised by a previous hack.
Unfortunately if your account has been phished the scammers remove the funds within a few minutes. (Unless your withdrawal limit prevents them for doing this). All phishing attacks should be reported to the police.
 

https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn  Metamask chrome (also available for firefox) can warn you about phishing sites.
 
IMPORTANT: If your email has been hacked or you have been phished please make a support ticket immediately. Change your password and 2FA immediately on your exchange account AND your change the email address you use for the exchange.
 
A great 'one stop shop' for everything you need to ensure your account has security wise:



EDIT: Added image:



Source:
Scammers spoofing cryptocurrency exchanges
My earlier post on another forum

[1713950285]

1713950285

[1713950285]

1713950285

[1713950285]

1713950285

[Lucius]

This is very useful post and I hope it will help someone to prevent hack or get victim of phishing. It is true that is very hard sometime to recognize true from fake site, very often it is a very small and almost invisible difference which can be deceive even some more experienced users. Fortunately Google should start to ban all crypto related ads from this month, so it is realistic to expect that the number of such frauds will be much smaller.

However, hackers will probably find some other ways to target crypto users in an attempt to steal them their money. Last picture shows all steps which user should take to reduced risk to a minimum, but in my opinion language barrier is something that prevents many people from fully understanding that this problem exists. Something like this should be posted in sticky thread of all local boards (translated).

[Joochil]

I bet my life on this that you were a scammer and a phisher before you can deny by i know 
Now after you made money you are trying to be an angel right? just wow! 

[xtraelv]

This is very useful post and I hope it will help someone to prevent hack or get victim of phishing. It is true that is very hard sometime to recognize true from fake site, very often it is a very small and almost invisible difference which can be deceive even some more experienced users. Fortunately Google should start to ban all crypto related ads from this month, so it is realistic to expect that the number of such frauds will be much smaller.

However, hackers will probably find some other ways to target crypto users in an attempt to steal them their money. Last picture shows all steps which user should take to reduced risk to a minimum, but in my opinion language barrier is something that prevents many people from fully understanding that this problem exists. Something like this should be posted in sticky thread of all local boards (translated).

I hope they do pin it or use it as a source for a pinned post. At least two exchanges have used one of my earlier articles as a source for their anti phishing tutorial and I've provided it to a few coin devs as well. I feel really sorry for the people that have been phished and do hope that it prevents a lot of people from being victims of theft.

I bet my life on this that you were a scammer and a phisher before you can deny by i know 
Now after you made money you are trying to be an angel right? just wow! 

No matter how much I deny it - you won't believe me. 

I've helped a lot of people who have been scammed. It was the motivation for the first article I wrote for a different forum last year and have been updating ever since.
Prevention is much better than trying to get it back. (very low chance)
Spammers and scammers are my nemesis.

[LTU_btc]

Wow, man, great article! You put lot of effort to write it. I see that you detailed probably all aspects related exchanges accounts hacking/phishing attempts. But so far I haven't saw fake accounts of exchanges being verified by Twitter. Do you have some examples?
These hackers/scammers are getting really smart and they always find new ideas how to scam people. But the main problem that many people just aren't careful enough, they aren't following even basic security advises. It seems that some people will learn only when they will be scammed..

[xtraelv]

Wow, man, great article! You put lot of effort to write it. I see that you detailed probably all aspects related exchanges accounts hacking/phishing attempts. But so far I haven't saw fake accounts of exchanges being verified by Twitter. Do you have some examples?
These hackers/scammers are getting really smart and they always find new ideas how to scam people. But the main problem that many people just aren't careful enough, they aren't following even basic security advises. It seems that some people will learn only when they will be scammed..

The verification scams run at many levels.

https://www.coindesk.com/twitter-scammers-use-verified-accounts-trick-crypto-holders/ Fake verified Tron Foundation and its founder, Justin Sun

One scam was to get verified and then change the twitter name to who-ever they wanted to impersonate. A symilar method is used to get fake site security certificates.

https://www.siliconrepublic.com/enterprise/twitter-ad-verification [FAKE]twitterverifiedapplication.com[FAKE] is phishing users wanting to become verified.

Twitter suspended the verification scheme after verification of Jason Kessler. (One of the organizers of the white supremacist rally in Charlottesville).


I've updated the original post to include this example.

[hugeblack]

Many scams have occurred because of this type of site.
Unfortunately, Google ads participate in this type of scam and do not delete this sites.
Using metamask for chrome & firefox will help you or edit your HOSTS file"C:\Windows\System32\drivers\etc" to ban/unban this sites.
Also, some traditional solutions have been spared a lot "Write the site manually."

[Hamphser]

Wow, man, great article! You put lot of effort to write it. I see that you detailed probably all aspects related exchanges accounts hacking/phishing attempts. But so far I haven't saw fake accounts of exchanges being verified by Twitter. Do you have some examples?
These hackers/scammers are getting really smart and they always find new ideas how to scam people. But the main problem that many people just aren't careful enough, they aren't following even basic security advises. It seems that some people will learn only when they will be scammed..

Very detailed which do really deserves a merit on the post he made.These are indeed phishing sites which some people do get victimized due to their carelessness and i dont know why most of them do tend to make a google search which even memorizing the correct url isnt really hard to do such thing. Expect for those scammers to level up on the way they do scam because if their method becomes obvious it wont really make money anymore for them.

[BitHodler]

I actually did spot the minor differences pretty easily, but that's mainly due to how extremely paranoid I am. On the other hand, I can understand why newbies would and very likely regularly fall for these phishing sites.

I own a very powerful (non crypto) Twitter handle that from the looks is similar to the actual Twitter handle, but the way Twitter displays its lettering, the difference between my handle and the original one is minor.

I get follows and people actually tag my account thinking they are talking to the original one. If I had bad intentions, I could cause quite some damage, so I am actually glad that no one else can register it anymore.

I tried contracting the company to transfer it to them, but they aren't responding unfortunately.

[magneto]

Great, informative post.

Hacking isn't really as prevalent today, or as damaging as phishing does to crypto exchange users, due to the sheer amount of phishing scams out there in every shape or form possible trying to get your money.

The most common scam that I see people falling for is probably the good ol' google ads phishing site, which is also mentioned in your OP. Part of the problem is that google doesn't check the legitimacy of the URL before listing it on their ad platform. That's why you should always remember the official URL of your exchange, and try to type it in every time, or even bookmark it, instead of searching for it on google. Even if you do search for it, don't click on any ads.

Also, another phishing scam would be impersonators in twitter comments posing as exchange management giving away coins. They'll use a similar name in their profile as the official exchange twitter account. These are quite obvious, but some people still fall for it - just be aware.

It's your money on an exchange, you should take an active effort to protect it.

[xtraelv]

Great, informative post.

Hacking isn't really as prevalent today, or as damaging as phishing does to crypto exchange users, due to the sheer amount of phishing scams out there in every shape or form possible trying to get your money.

The most common scam that I see people falling for is probably the good ol' google ads phishing site, which is also mentioned in your OP. Part of the problem is that google doesn't check the legitimacy of the URL before listing it on their ad platform. That's why you should always remember the official URL of your exchange, and try to type it in every time, or even bookmark it, instead of searching for it on google. Even if you do search for it, don't click on any ads.

Also, another phishing scam would be impersonators in twitter comments posing as exchange management giving away coins. They'll use a similar name in their profile as the official exchange twitter account. These are quite obvious, but some people still fall for it - just be aware.

It's your money on an exchange, you should take an active effort to protect it.

The reason phishing is more popular than hacking is because it is relatively unsophisticated compared to hacking. Exchanges have relatively secure websites that are hard to hack and often are independently penetration tested - users are the easiest target and can get fooled into giving away their login credentials.

I've added this image - while it isn't phishing people for their account access - it is a common scam involving exchanges.

Yeah the twitter scam is a common one. So much so that Vitalik Buterin renamed his twitter account:

Vitalik "Not giving away ETH" Buterin

[timerland]

I wouldn't click on any google ads, ever. Even if the link in the ad seems perfectly legit and not a phishing site, you're just a lot safer if you just avoid clicking on them altogether.

Also, I'd be very careful of registering with the email (and password, which goes without saying) that you use on exchanges on shady sites. Use a throwaway email instead. Not only will you get spam, you may get attempts at logging into your exchange accounts that may or may not succeed, if the owner of that shady site decides to do malicious things with it.

Vitalik "Not giving away ETH" Buterin

Similar thing happened with the Binance founder, CZ. All of his posts and Binance updates were flooded with comments that suggested they were holding a giveaway or whatnot, which forced him to essentially change his twitter name to indicate that he's not giving away coins.

[xtraelv]

I wouldn't click on any google ads, ever. Even if the link in the ad seems perfectly legit and not a phishing site, you're just a lot safer if you just avoid clicking on them altogether.

Also, I'd be very careful of registering with the email (and password, which goes without saying) that you use on exchanges on shady sites. Use a throwaway email instead. Not only will you get spam, you may get attempts at logging into your exchange accounts that may or may not succeed, if the owner of that shady site decides to do malicious things with it.

Vitalik "Not giving away ETH" Buterin

Similar thing happened with the Binance founder, CZ. All of his posts and Binance updates were flooded with comments that suggested they were holding a giveaway or whatnot, which forced him to essentially change his twitter name to indicate that he's not giving away coins.

The main reason for posting this is to ensure that people who are new to Crypto don't lose their Crypto to phishing scams.

I have close ties to a number of exchanges (both centralized and DEXs). I have seen a lot of users get phished. Phishing is a multi-million dollar criminal enterprise that give crypto a bad name.

[jerry0]

Are any of those google ads safe to even click on even if they are the real site?

[1Referee]

Are any of those google ads safe to even click on even if they are the real site?

Technically, you don't know beforehand if the ad you are about to click on refers to a site that doesn't contain crap that directly infects your computer or whatever other device. You'll only find out if it's safe or not after you clicked on it. It's literally Russian roulette; you'll either regret it or not. Google doesn't care about what you do with your ad space, they just want you to pay. If later turns out you are abusing their ad space they simply banish you.

Google knows that there is heavy abuse going on, but they don't care. If they were selective and strict about who they sell their ad space to, they likely wouldn't be able to sell 50% of what they today manage to sell. Their logic is that abuse can be dealt with later on, and it works for them. No one here should expect Google to protect you.

[xtraelv]

Are any of those google ads safe to even click on even if they are the real site?

Technically, you don't know beforehand if the ad you are about to click on refers to a site that doesn't contain crap that directly infects your computer or whatever other device. You'll only find out if it's safe or not after you clicked on it. It's literally Russian roulette; you'll either regret it or not. Google doesn't care about what you do with your ad space, they just want you to pay. If later turns out you are abusing their ad space they simply banish you.

Google knows that there is heavy abuse going on, but they don't care. If they were selective and strict about who they sell their ad space to, they likely wouldn't be able to sell 50% of what they today manage to sell. Their logic is that abuse can be dealt with later on, and it works for them. No one here should expect Google to protect you.

https://www.virustotal.com/ is an free online scanner that allows you to scan without loading it onto your computer. I use it for a pre-scan when I am suspicious of a site or link.

[stomachgrowls]

Are any of those google ads safe to even click on even if they are the real site?

Some are legit Some are not but the best thing to do is neglect those sites which are commonly placed on the top and this is the thing ive been doing eversince even if the url link is right. I do make a habit on inputting the exact link on url bar. Google searches is only being used on my part when it do search up some things not totally being used on accessing any sites.

Avoiding on not to be hacked or phished? Then its always set out the best security among of your account 2fa, strong passwords,clean computer.

[xtraelv]

Are any of those google ads safe to even click on even if they are the real site?

Some are legit Some are not but the best thing to do is neglect those sites which are commonly placed on the top and this is the thing ive been doing eversince even if the url link is right. I do make a habit on inputting the exact link on url bar. Google searches is only being used on my part when it do search up some things not totally being used on accessing any sites.

Avoiding on not to be hacked or phished? Then its always set out the best security among of your account 2fa, strong passwords,clean computer.

The advertisements are easier to fake than search results. So using a search result often is safer than clicking an advertisement.

I agree  - 2fa, strong passwords and a clean computer. + Current antivirus from a reputable vendor.

Use dynamic 2FA like google authenticator rather than a static 2FA method.

[xtraelv]

Hopefully this will stop some people from getting scammed.

[Ridwan Fauzi]

Hopefully this will stop some people from getting scammed.

Well done, I like what you wrote in this article and I'm sure it will help many people to avoid scammed from every site. All we know scammed is the most feared thing for every good person who is a long time user of cryptocurrency and especially for new people and they want cryptocurrency as their investment place. And with this article will at least restore their confidence in cryptocurrency.