Digital asset exchange Coinbase notes that its Security team regularly monitors the safety of its trading platform and customers’ funds. The US-based exchange also keeps a close eye on security threats and “abuse trends” affecting the larger crypto-economy.
In December of this year, personal information was stolen from Ledger, a third-party hardware wallet provider, Coinbase noted. This highly-sensitive data was shared on a hacking forum, which led to a massive wave of phishing and extortion attacks against Ledger users, Coinbase confirmed.
That, of course, is bad news, but the good news is that with a few fairly simple steps, users can learn to identify common attacks and protect themselves, Coinbase noted.
Receiving threatening emails can be terrifying, the exchange acknowledged (like the one shared here by Coinbase). But that’s “precisely the goal of the attacker,” the exchange explained. They aim to instill “fear, shame, or embarrassment” – which are all common tactics that extortionists regularly use to force their victims into paying large amounts of funds, even when there’s no real security risk, Coinbase noted.
The exchange suggested:
“While everyone’s personal circumstances are different, our general advice is to completely ignore messages like this. Most extortionists are looking for easy targets, and will generally move on if they don’t receive a response. Of course, if you do have concerns for your personal safety or receive escalated extortion attempts, you should contact local law enforcement immediately.”
“As a general rule of thumb, if an email is asking you to do something that you’re not expecting or didn’t request, you should treat it with caution. Some phishing links and websites can look very realistic, so if you have any doubts about its authenticity, it’s better to visit the website directly by typing in the URL, or finding the top non-advertisement search result in any major search engine (yes, scammers abuse search engine ads too!).”
The Coinbase Security team further noted that if you get an email claiming to be from Coinbase and you’re not completely sure if it’s authentic, then users can always forward these suspicious messages to [email protected] for verification purposes.
While commenting on SIM swaps and other serious online attacks, Coinbase noted that even if you don’t get phishing emails or extortion attempts (like from the Ledger security breach), the exposure of your personal details could potentially put you at risk for other types of damaging attacks, such as SIM-swaps and “increased targeting of your other exchange accounts and cryptocurrency holdings.”
Coinbase advised that we must always be “on the lookout for targeted phishing emails claiming to be Coinbase.” The exchange also recommended checking your email at haveibeenpwned.com or some other data breach monitoring website and also make sure you’re using strong, unique passwords for all accounts.
Bitcoin focused Casa’s Head of Security has also shared tips to protect your data and digital identity from damaging hacks and security breaches.
As reported recently, YouTube related cryptocurrency scams are on the rise, the Gemini Security team confirmed.