WhatsApp scams and personal security
A recent experience
I recently helped a lady who was contacted via whatsapp by 2 Coinbase directors informing the lady that she invested in crypto 5 years ago and her investment was now worth £30,000. Coinbase charges an exit fee of 3% or £900, which she should send to them as her account executives, to access her investment. The lady is an older lady and since making an initial ‘investment’ she has unfortunately had a stroke subsequently has no recollection about previous correspondence.
There are a number of red flags in this story so I offered to help. Coinbase are the first crypto exchange to be listed on the NASDAQ for billions of dollars. Non of their staff are going to contact a client via WhatsApp never mind the directors of the company. Not being sure of the individual’s competency re crypto and significant memory loss, I decided to search for the individuals names on the inter webs. I search on LinkedIn for professional profiles and companies house to see if they were registered but nothing presented itself which was a huge red flag. I was unsure whether the company name was correct and whether an initial investment had ever been made.
Coinbase does not charge 3% to withdraw cryptocurrencies from their exchange, and company directors would not contact someone via WhatsApp. Coinbase charges 1% for selling and removing your crypto, and not only that, the fee is extracted at the sale of crypto and when extracting it from the exchange. You do not need to pay someone £3 or £30, let alone £900 in advance, just to access your crypto on an exchange.
Although this was a vulnerable person due to their health and age, the truth is that we are all susceptible to cybercrime. Financial crime and fraud have become more prevalent in today's increasingly digital world.
Cybercriminals are constantly finding new ways to target individuals and steal their money and sensitive information. To protect yourself against these threats, you must know the most common ways individuals are contacted and attacked.
Recent WhatsApp Scam message my wife received
Analyse the above to see what red flags you can see.
International telephone number
Photo of a young man
Innocent looking photo of a young lady.
The promise of thousands of dollars easily won.
If it’s too good to be true - it is not true.
Here are five ways to protect yourself against online financial crime and fraud.
1. Keep your software and systems up to date
One of the most common ways cybercriminals target individuals is through vulnerabilities in software and systems. To protect yourself against these attacks, keeping your software and systems up to date with the latest security patches and updates is important. This includes your operating system, web browser, and any other software or applications you use.
2. Use strong and unique "passwords."
Another common way that cybercriminals target individuals is through weak and reused passwords. To protect yourself against these attacks, use strong and unique "passwords" for all your online accounts. A strong "password" should be at least 12 characters long, include a mix of uppercase and lowercase letters, numbers, and symbols, and not include personal information.
I've put "password" in italics because I've learnt that "password" is a poor word for what is needed. "Password" automatically makes us think of a word, whereas "Passphrase" or "Keychain" directs our brain differently.
Hacking a passphrase is generally much more complicated than cracking a password because passphrases are typically longer and more complex.
Passwords are often short and may include easily guessable combinations of letters, numbers, and symbols. They are also often reused across multiple accounts, making it easier for attackers to gain access to multiple systems or applications with a single cracked password.
On the other hand, passphrases are typically longer and include a combination of words, numbers, and symbols that are randomly chosen or chosen to have meaning to the user. Because of their length and complexity, passphrases are much more difficult to crack through brute force attacks or dictionary attacks.
For example, a password like "password123" can be easily cracked with a brute force attack. At the same time, a passphrase like "Ilove2runat5am!" is much more difficult to crack due to its length and complexity.
Overall, using a passphrase instead of a simple password can significantly improve the security of your online accounts and protect you against cyber attacks. Using a passphrase that is at least 12 characters long and includes a mix of upper and lower case letters, numbers, and symbols is recommended.
3. Be cautious of phishing scams
Phishing scams are a type of fraud where cybercriminals send fake emails, texts, or social media messages to trick individuals into giving up their personal and financial information. To protect yourself against phishing scams, be cautious of any unsolicited messages you receive. Do not click on any links or download any attachments from unknown sources. Always verify the sender by clicking on the sender's email address, and often it will be nothing to do with the company it is disguised. Look for spelling or grammar errors in the message; just don't pick me up on mine…
4. Use two-factor authentication
Two-factor authentication is an additional layer of security that requires users to provide two forms of identification to access their accounts. This can be a password and a code sent to your phone or email. By enabling two-factor authentication, you make it much more difficult for cybercriminals to access your accounts, even if they have your password.
5. Monitor your accounts regularly
Finally, monitoring your accounts regularly for any suspicious activity is important. Look for unauthorised transactions, changes to your account information, or unexpected emails or messages. If you notice anything suspicious, report it immediately to your financial institution or credit card company. Keep the foxes from crossing the secure line by getting in via 'rubbish' security practices.
