As a newcomer to the cryptocurrency market, besides learning investment knowledge, you also need to equip yourself with the necessary skills to protect yourself against scammers. Even for those with years of investment experience, a second of negligence can put your assets in jeopardy. The following article will introduce what is Phishing, and what is Anti-phishing code. Let’s read and find out together.
What is Phishing?
Phishing is also known as phishing attacks. This is a form of cyberattack where an attacker impersonates a reputable entity for the purpose of tricking users into providing personal information such as login accounts and passwords, transaction passwords, or other security-related information.
Reputable units here are usually banks, online trading websites, trading platforms, credit companies, etc,… Attackers often carry out their phishing via Email and text messages. Upon receiving the email, users will be asked to log in if they click on the fake link. Once there, the hacker will get the victim’s credentials.
Types of Phishing attacks in the crypto space
It may sound simple and hard to fool long-time users, but in reality, Phishing attacks exist in many forms. Here are the 3 most common types of Phishing attacks.
In this form, hackers use sophisticated tactics to spoof a legitimate email from an exchange you join or a related finance company. The ultimate goal is still to ask you for your credentials. For example, the Binance cryptocurrency exchange has an email from binance.com, a subdomain of support.binance.com. This means that the scammer can create an email similar to the support email on email@example.com example to deceive the user.
URL redirection & URL Phishing
In this form, the scammer deceives that the victim has visited a website correctly. This website is designed similarly to a real site and requires users to log in to an account. The ultimate goal remains to steal login credentials and personal information. These websites usually have the following characteristics:
- The design is almost identical to the original page
- The link is almost the same as the original page: reddit.com (real) vs redit.com (fake); microsoft.com (real) vs mircosoft.com (fake), coinmarketcap.com (real) vs coinrmarketcap.com (fake).
- Always ask the victim to log in to the account and then commit the theft of the user’s information and assets.
This is a much more sophisticated form of phishing and is commonly known as automated dialogue. There will be a notification sent to the victim via a call and inform them about the unusual activity of banks, credit cards, trading accounts… The scammer will name the risks the victim may face and ask them to confirm the information to seize the property. In some cases, this type of scam is also used through SMS messages with similar requests and purposes.
How to recognize and prevent phishing attacks
Check the link before accessing an unfamiliar address
Before clicking on a link, you need to double-check and ensure it’s correct. The link of a fake website is often made to closely resemble the original link and is difficult to recognize. However, if you pay close attention, you will see that the fake link will contain some other characters. Please carefully review the link before accessing it to avoid unfortunate risks.
However, if you accidentally click on a suspicious link, don’t rush to fill in your login information or something like that. You should look for fake signs on that website, which often contain meaningless symbols or additional text. If there are any suspicious signs, absolutely do not fill in any information requested by the website.
Check the SSL and the digital certificate of the website
Most legitimate websites use SSL (Secure Sockets Layer) and digital certificates to protect users. Therefore, look for SSL and digital certificates on the website to check the reliability of the website & links.
What is an anti-phishing code?
Anti-phishing code is also known as anti-phishing code. This is the security feature offered by exchanges, it allows users to create an extra layer of security for their accounts to combat forms of exchange tampering. This feature is mainly used for phishing email prevention.
When the anti-phishing code is activated, the system will use this code in all official emails sent by exchanges to users. This will help users distinguish between real and phishing emails and can promptly prevent phishing attacks.
Why use an Anti-phishing code?
Although 2FA (two-factor authentication with Google Authentication) is a great tool for account protection. However, adding an extra layer of security to your account is also not superfluous, especially in the crypto space.
The larger the exchange, the higher the risk of phishing attacks. And the consequences of attacks are often huge. And the exchange was unable to get money back to help victims when the attack occurred. Therefore, the most important thing is to be responsible for your assets.
Instructions for setting up Anti-Phishing code
Step 1: At the homepage interface, select “My Account”
Next select “Security”
Step 2: Select the Anti-phishing code
Step 3: Select Create Anti-phishing code
Step 4: Enter the code, then select “Submit”
Step 5: Enter the 2FA or SMS security verification code
Step 6: Set up the Anti-phishing code successfully
Cryptocurrencies are a potentially risky space. Therefore, participants need to have the knowledge and skills to protect themselves against the sophisticated tricks of malicious factors. A wrong investment decision is unlikely to cost you by having your account hacked. So, equip yourself with a bag of knowledge before entering this potential market.