Topic: Learn to be safe and secured online (Read 275 times)

Even with absolute security and precaution nothing is safe. First I was a victim of clipboard virus then the second time I was victim of ransom ware virus. Even my antivirus couldn't detect that. Every file, every, document, every image I had in my harddisk was encrypted. Many popular ransomware virus were reversed engineered to decrypt the data.Unfortunately, the one I was infected with had no cure at that time. It was somehow new. As a result, I lost everything. Most of my data was backed up but in the ends I, somehow lost 2 private keys. Around 2k worth of fund is still inside the wallet but I have no way to access that. lol

You don't have to leave your funds vulnerable to hackers, even though there is nothing such as 100% security you can protect your funds from hackers and ensure there is a very slim chance of it being stolen, if you follow all the warnings and security tips posted all around this forum, you'll learn how to protect your assets from hackers. Your wallet would not be emptied if you keep your keys offline, if you keep your seed phrase safe and never expose it, if you use open source softwares and also protect your data, etc.

This topic appears very often on the forum, but strangely, the administrator does not want to open a separate board for discussing pressing cybersecurity issues. There are many topics that need constant updating and monitoring, as technology does not stand still and hackers regularly create more and more sophisticated methods for people who are ready to be deceived. Why am I formulating? For any normal person who regularly visits the Internet, knowledge of computer security and online security is an obvious factor.

Thus, for your own education, constant monitoring of sites publishing computer security news will be the best way in the absence of a full-fledged board.

Well, everyone's concern is all about fund security. Unfortunately, with the advanced technology that we have these days, hackers have taken advantage of the situation while many people who are too careless fall into their tricks. We can't rid of them either nor stop them from hacking - and that was the reality. As we are in the crypto space and online investment, we could assume that we are ready and dare to face the vulnerability of our funds to hackers.

We can never be surprised that one day our wallets will be empty but having deep knowledge on how to secure our wallet somewhat gives us a bigger chance.

It is very important for us to try and protect ourselves from scammers and hackers that could get hold of our information and make sure we do the necessary things that will make us stay safe. There are some exchanges that we don't even have to create account there based on other investors past experiences and review. No matter how eagered we are to to have an exchange account where we will be using to make cryptocurrency transactions, it is very important for us to stay safe and make sure we check for reviews from other users before signing up on the exchange for our own safety.

Scammers are more and more on online platforms now and day by day scammers are increasing on online platforms.  Scammers especially target those who cannot keep online platforms very secure.  Most scammers use their own intelligence to hack other people's accounts.  Those who don't KYC their account and don't use google authenticator are more likely to have their account hacked and those who share all their account seed with others are more vulnerable to scammers.  If you are not careful with online platforms, you will definitely get scammed.  So we should verify the online platforms.

Yeah, It's all over everywhere, clipboard virus used to take away people's funds unknowingly. The causes of such a virus is downloading apps recklessly to our device, where we hold crypto. It's crucial we mind the app downloaded to our devices as they could contain malware. There is an increase in security breach on the internet. Checking the address isn't all needs to be done. Maybe someday we won't be able to go through the address properly, before forwarding the funds. I'd suggest that users after noticing an attack like that. Taking away irrelevant apps or files from our device is encouraged. However, attackers have multiple means to con internet users, especially in the cryptocurrency niche. Aside from the techniques exposed by OP, the list goes on and on. But, phishing is one dangerous method, and it could be dangerous, when we are not observant of the URL of the site we visit. This kind of scam isn't simple to notice initially, that's why people still fall for it. Those other methods are relevant, but can be suspicious at a point, depending on the scam player.  Calling people claiming to be their financial institution can stair suspicions, if the receiver understands the trick. The scammers phone number may not be similar to that of the institution and the professionalism may not match that of an employed customer care in the institution. Most institutions, boldly announce that they don't call or ask for sensitive information from their customers. Unless the user doesn't follow diligent research process, the could fall victim for such a scam. Unlike phishing, it's just so difficult to notice. 

This is very informative, this just made me remember a buddy, i told to make use of authenticator on all his online account he created, in the past which for a second it was as if i knew he never heard of AUTHENTICATOR before so along the line i had to show and direct him on how to get it done.

Constant safety reminder keeps you abreast and puts you in the know of possible and potential security attack on you. As time goes on and as technology evolve, scammers are always going sophisticated too. I too for once take a proper check on my accounts to note any lapses so I could put it in other because that is the only way to stay safe and always protected online. Once in a while do a routine check for updates as regards your privacy and security features.

Newbies are the most target of these scammers and most of the newbies fall sheepishly to their scams and hacks  causing them huge losses which they never believe they could lose just like that without any remedy of getting it back.

If we tirelessly work towards having the best security safety of our bitcoin asset then we are going to remain a difficult puzzle for the hackers to solve the means through which they can use to have access to us and penetrate in, we are in most cases responsible for allowing them to attack us because we unknowingly creates some loopholes that serves as entry point for them to launch an attack, henceforth we need to be very careful with how we appear online and things we do on various websites visited, these alone may reduce our chances of being scammed as well if we give attention to them

Well, I want to appreciate your effort to always remind the community on their safety and I always take my safety very seriously especially  On the internet and on the cryptocurrency industry this is because any funds lost or stolen in the cryptocurrency industry can’t be recovered and adding to all you’ve listed is phishing links and people should always try as much as possible to avoid clicking on any random link from the internet especially from exchanges and I’m saying this from my personal experience and ordeal and I wouldn’t want anyone to also fall victim of such cheap scam and also learn how to treat everyone and everything as a suspect as long as the internet is concerned.

These attacks sometimes come through the anti-virus app that you are running through your Laptop or PC. I'm aware of that because this happened to me many times, When I was running an Anti-Virus app on my laptop, so there my all data was hacked into the laptop because it suddenly got the passwords that were through the malicious links. And I turned off my laptop when I again opened it there was nothing on the laptop, the data were something else, i.e malicious things.
Also, never try to open spam links through your email or any other app.

Ensure your devices have up to date antivirus software & operating systems. Use strong and unique passwords for each online account. Always be cautious of suspicious emails, messages or requests for personal information & never click on unfamiliar links or download files from untrusted sources. Obviously back up your important data and enable two factor authentication whenever possible. Be mindful of the info you share online & adjust privacy settings to limit access to your personal data.

It doesn't matter how careful you get you'll still get phishing emails. It might be too much but they'll still come. Scammers work very hard. It doesn't have to be just emails, social media accounts also receive phishing messages. They send all forms of intriguing messages. It could be an investment, to invest in a particular project, or a way to make money online.
You just have to know that you shouldn't click on these links and don't take those kinds of messages seriously. You can block numbers and emails that send phishing messages to you.

Don't be careless when you are online and click on any link you see. You will not be phished if you are careful on the Internet.

Security checklist
[LEARN & EARN] Phishing Quizzes - Beginners & Experts
[Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
Tool For Catch Phishing like
https://dnstwister.report/
https://www.phishtank.com/

We always often hear a sentence: Don't Trust, Verify. Even the sentence does tend to be bitcoin, but if you study it carefully that sentence is very useful to remind us not to easily believe in something in the world. We are humans who are sometimes careless and forget about something which can make us lose something important. Because of that if I receive something via email, Chat, SMS, or anything on the gadget, I have to check it 1st if that message is safe from viruses, or any kind of malware. I never click on any links from messages even if the links look clean and trust. I will definitely ask and find out the purpose until I'm really sure that link is safe. Sometimes, If the link is useless for me, I never click it even if it's safe.

That's the most important and always verify what you click.
Actually, there are too many of them, a kind of cyber attack that we should know and even here in the forum that still happened.  The same case in the Electrum hack attack, called pop-up scam, it's involves deceptive pop-up windows on websites or app, often claiming that the user's computer is infected or need to update to a higher version in order to proceed with the transaction which is the result in downloading malicious software.

In my country, this smishing scam attempt is very common, yesterday I received a text message that my bank account was compromised, but while reading the text message I knew it was a scam attempt because I don't have an account on the bank that the text said.

0 days also exist. So sometimes it's possible to get hacked simply for opening an image let's say, which should not be an attack vector normally. For instance the .webp exploit had it so users could get exploited simply by opening a webp image sent to them. Thankfully it was patched by major

If someone is looking to store significant amounts of cryptocurrency, it's always best to store it in a way that doesn't involve an internet connection. Cold wallets exist. And if you for some reason need a computer to do something it can also be non-networked.

Aside from knowing the list stated by @OP, there are other kind of threat online. Threat like malware and ransomware are rampantly infecting victims.  One of the recent news in my country is the Philhealth being hacked through backdor malware that enable the hacker to control the system. This is one of the example of the ransomware and said to be infected through the device of one of its staff working at home.

So aside from being on lookout for Phishing, Vishing and Smishing, one should also tighten their internet security for possible data hack.  Installing anti-malware  or internet cyber security can greatly help to avoid this king of attacks.

Most importantly, avoid clicking unknown links.

AFAIK downloading cracked version of paid applications, downloading softwares from untrustworthy sources or websites, clicking links in emails from unknown sources, trojans are some of the ways your computer could have been possibly infected. Glad to know you were able to noticed that your copied address has been replaced by a clipboard malware but you might want to reconsider your browsing habits.

Whenever a transaction is about to be carried out, it's very important to always crosscheck some of the digits of the copied address against the address on the sending tap before confirming the transaction.

New developments are coming due to the advanced technology age. As people adopt new technologies to improve their privacy and secure their assets and other valuable information online, scammers are also working hard to bridge the new technological ways that have been discovered. That is why we need to be very cautious with our privacy online.

Malware attacks are very bad, and you will be wondering their source; mostly, they are gotten through the visitation of anyhow links that are unofficial while trying to download or install some software on your devices, and sometimes through email spam messages.
With or without a malware virus on your device, always double-check your bitcoin address before sending bitcoin.

It is basically impossible to be 100% certain that your device is free from malware or any other type of attack, thus you should hodl your funds offline, only keep a small amount of funds in a hot/online wallet because such funds are susceptible to being hacked and stolen.
Open source and security-based operating systems are great to use, but mind you that if your device is online, you cannot be sure it is completely free from malware and other forms of attack, even if you use such OS', thus your assets should be stored offline in a hardware wallet.

I have heard of these clipboard virus used by scammers, I’m not a technical expert but I always make sure I double check the wallet address I’m sending bitcoins to just to be sure I’m not making a silly mistake that will cost me. People who mostly are a victim of this scam are those who copy sending addresses without cross checking. this 

Did you run a malware/virus check and find anything? We hear of these clipboard style virus' often, but with modern security OS' and security software it seems unlikely to receive one unless someone  is a victim of a phishing attack. For this reason taking absolute care around anything cryptocurrency related is vital. So it's good you've taken some measures to prevent this in future.

Scammers are creating new ways to scam the innocent people. With more modern technology scammers are adapting to new methods. Although the method you mentioned is kind of old but they are still in use and effective. Thousand of dollars are lost to these scammers daily.

Some months ago, I was almost scammed by a clipboard virus. Basically this virus replaces the original sending address with a phishing address. As a result all funds goes to an entirely different address. And it cannot be undone.

I don't know how I got infected. Maybe I downloaded some things or clicked suspicious links. After the incident I started using, sandbox, VM type of software, to test new things or links if I were unsure.

Security is everyone's responsibility and it has become very necessary and paramount to protect ourselves from cyber attacks as we engage ourselves online on a daily basis. As technology is advancing and improving is the same way hackers are also advancing in their methods by using different social engineering. This is not the first time something like this is being discussed in the forum but I think it's necessary to be bringing it up on a timely basis in order to keep us abreast. Let quickly brush on the following techniques use by hackers and how to protect yourself from them.

• Phishing
• Smishing
• Vishing

Phishing is a type of cybersecurity attack which happens when malicious actors send messages (email to be precise) pretending to be a friend or a company so as to  steal information or corrupt their devices.
Example of Phishing

This unfortunate love story started in the Philippines in the year 2000 and was delivered with the subject line I Love You along with instructions to read the attached email. The virus was tracked to an email address registered to an apartment in Manila, which led to Onel de Guzman. He created the Love Bug virus, not thinking it would reach as many people as it did.Within 24 hours of releasing the virus, it had spread across the world.
Remember that it can be in form of link too and not necessarily need to be a file.

Smishing is similar to phishing just because it has a common goal. However, it uses deceptive text messages to manipulate victims into giving out sensitive personal information such as bank account details, credit card numbers and login credentials.
Example of Smishing

I have decided to call this lookalike walmart attack because their aim is to portray themselves as those big firms who you probably have transactions with, in other to trick you into believing they are rewarding you. At times, you can still get messages like this even if you have never used their services before. Sometimes, some amateur attackers just send these messages at random.

Vishing is very similar to phishing with the exception that this uses phone calls. This is a manipulative practice of making phone calls or voice messages pretending to be from well known companies in order to make individuals to reveal personal information, such as bank details and credit/debit card numbers and more.
Example of Vishing

Have you ever received a phone call, telling you your account has issues and the person you are talking to is a supposed customer service agent? That is Vishing. They pretend that they are from the banks or other institutions that houses your private information. Their aim, is to get those data off you and use it in dangerous ways.

How do we protect ourselves from being a victim of these attacks?

The simple way to avoid these attacks are by following the preventive measures which may include:
Don’t ever click on SMS or email you are sent from unknown sources. Go to the company's website for verification by typing their URL.
Check the names of the sender and most importantly, the links too. Does it make sense for a reputable organization to use bit.ly? Ask yourself that amidst others.
Never share private information over the phone. Its better you meet with the company physically to confirm.
Verify the number of the so called company that is calling you. Check their website or the internet to confirm if the numbers correlate. However, know that, numbers too can be cloned, so it’s better to just stick with not sharing sensitive information over online or phone call.
Always download your apps from playstore or apple store for android and apple device respectively because a malware named trojan can be embedded inside those Apps you download from untrusted sources. Better safe than sorry.
Do not visit sites that starts with Https because these are sites that are not secured with Tls(Transport Layer Security) or as it was previously known, Ssl (No more in use). Secured sites url should start with https.

A compilation of these tips and more on cyber security can be read via this documents