You data is not safe on centralized exchanges - page 2.

Wakate

hero member

Activity: 980

Merit: 519

fillippone - Winner contest Pizza 2022

Quote from: Husires on October 12, 2023, 06:12:04 AM

Everyone spies and collects your data, starting with browsers, Google, your service provider, Facebook and WhatsApp applications, Gmail, and even your phone or Windows operating system. Therefore, be careful when using your email if you do not want to find it filled with spam.
Centralized platforms do not protect customer data, and some of them share, store, or sell it to third parties, so you should mainly use centralized platforms that do not require identity verification when you have to.

It is true that our data might not be safe on centralized exchanges but there is nothing we could do about that because we ought to have account on a centralized exchanges for us to trade and stake our coins to earn more profits. Even the so called big investors for have accounts on centralized exchanges to make trades that might not be possible on decentralized ones. The most important things we need to ensure is to keep to good safety measures by not signing up on third party exchanges which could lead to spamming of our accounts or even for it to get compromised by hackers without our knowledge.

Hatchy

sr. member

Activity: 336

Merit: 365

The Alliance Of Bitcointalk Translators - ENG>PID

Quote from: Ruttoshi on October 10, 2023, 09:35:47 AM

So many people fell for this trick, especially the ones that were not educated , and they got all the funds in their account wiped out.

I think it will be ignorance that would make someone give out the digits of their debit card out to anyone. Even on registering a bank account, they will tell you strictly that the bank can never contact you, or text you privately for any personal documents. And if need be, they usually advice people to visit their local bank branch. When you come in contact with an unknown message or text requesting you provide details or click a link relating to your funds, it usually adviced to go to the original site and check if any such details are required at that time. Hackers are fond of these acts so someone who is socially active should be aware and alert just in case they come in contact.

Husires

legendary

Activity: 1582

Merit: 1284

Everyone spies and collects your data, starting with browsers, Google, your service provider, Facebook and WhatsApp applications, Gmail, and even your phone or Windows operating system. Therefore, be careful when using your email if you do not want to find it filled with spam.
Centralized platforms do not protect customer data, and some of them share, store, or sell it to third parties, so you should mainly use centralized platforms that do not require identity verification when you have to.

pinggoki

sr. member

Activity: 1442

Merit: 390

★Bitvest.io★ Play Plinko or Invest!

Quote from: _act_ on October 10, 2023, 08:56:06 AM

Is the message randomly sent to people? I think the hackers target Hong Kong Binance users and that can only be from data breach or insider work.

It's not randomly sent, there are hackers that scrape data on websites and there are people that are in-charge of getting data of large quantity of people and those people sell those data illegally to entities that are using those compromised data to do their nefarious deeds. These very things are the very reason why data are protected and why hackers sought them the most besides money and confidential files.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: shield132 on October 10, 2023, 01:28:40 PM

OP, thread's title is very misleading because "You data is not safe on centralized exchanges" has nothing to do with the given case. In article, we read that 11 users become a victim of phishing. It's their responsibility to check the url of where they enter the data. Centralized exchange is not an issue here. Even if these users ha self-custody wallets, they would still lose it because of their inattentivness.

Wrong. Go and read the news again, it is clearly stated in the news title.

If you want to argue with the news and if you you do not want to be wrong, come up with evidence that it is not through KYC submitted on the exchange by the exchange users that led to the hack. Becuase 11 people were victims does not mean they are the only one that got a phishing message. If it is only one person, I will not think it can be through KYC, but if it is getting to more people, we can think it may be caused by KYC. If you have a good answer to the OP question, that is it not KYC breach? Then give evidence that it is not.

Binance users in Hong Kong lose $450K in wave of fraud texts: HK police: https://cointelegraph.com/news/hong-kong-binance-users-phishing-scam-jpex-crypto-scandal

Darker45

legendary

Activity: 2576

Merit: 1860

🙏🏼Padayon...🙏

Physical robberies and attacks are much more worrisome but also much less common than online theft. Apparently, the bigger problem in the crypto space today is more of the latter than the former. And this is exacerbated by the widespread growth of centralized platforms which collect personal information from its users. Although this is also largely due to regulatory policies, these platforms aren't without responsibilities.

Actually, it's a simply thing. No data collection means no data breach. Data collection means there's data to be stolen. So, I guess crypto users will have to try their best to avoid platforms which demand personal data.

Ludmilla_rose1995

full member

Activity: 1444

Merit: 156

#SWGT PRE-SALE IS LIVE

Quote from: Antotena on October 10, 2023, 01:16:10 PM

Quote from: _act_ on October 10, 2023, 08:56:06 AM

How do hackers know who to send messages to?

There is only way to not worry about centralized exchanges, data breach, and privacy breaking. The solution is never do KYC or simply avoid centralized exchanges, don't use their service, it will give you rest of mind and happiness. In short, when you see this type of news, you will walk pass like you don't know anything about it because they have nothing on you. Simply see kyc as criminal activity that people indulge in and we know when you don't do crime, you will not have any fear even if they(hackers) try to stop you.

That's right, the best way to avoid misuse of personal data is not to carry out KYC, but there are many people out there who still depend on centralized exchanges because they have great liquidity and can provide members with the funds they need quickly, I carry out KYC at The big local exchange in my country, I don't have the option to avoid KYC because my local fiat pair is only available on exchanges that require KCY, if there was an option to avoid KCY then I would choose that.

Peanutswar

hero member

Activity: 1498

Merit: 974

Bitcoin Casino Est. 2013

In my country even there's a implemented KYC with the Sim registration still their platform is not ideal to use because first the user can input a not real id for verification and still there's some messages came from different banks, casino and other platform that have event or seeking for assistance those are all ignored to my device. It's quite annoying but again there's no safe in the internet even though they agree with data privacy act still there's a chance our data might leak or they really sell it.

Quote from: Maus0728 on October 10, 2023, 09:15:37 AM

... now that the Philippines' health insurance corporation has been hacked and become a victim of ransomware, SMS and email of millions of people could have fallen victim to these attackers—a reservoir for bad actors to steal not only money but also PII (Personally Identifiable Information) that they can use to exploit. Roll Eyes

Actually there's a lot of rumor here some people say it's an inside job so they can earn a money, some of them really tell that the Philhealth was hack and at the end of this point it's a government mistake because they didn't hire a cyber security and a good defender security too to their company. We know PH government didn't focus here too much.

serjent05

legendary

Activity: 2842

Merit: 1253

Cashback 15%

As long as the information is saved in a cloud storage or can be accessed online, it will never be safe from hackers. It does not include centralized exchanges but also other centralized online services. Even the so called DeFi are constantly hacked. So we should always think that there is no 100% security when it can be accessed online.

It is also possible that there is an under-the-table negotiation where centralized services hold data of people and offer them to newly established companies for prospecting.

Alpha Marine

sr. member

Activity: 476

Merit: 283

This doesn't only happen with centralized exchanges, but all centralized institutions are liable to data breach.
There was a time this was a common way to scam people or their funds from their bank accounts in my country.
It's either people in the bank sell customers data to scammers or they're the scammers themselves.
It could also be that hackers have found a way in their system so they can get customers information.

You could open an account and within a week of opening the account you're receiving calls and emails from the said bank asking for login details and card details, only it is not the bank calling.
People are smarter these days to realize that it's a scam but people still fall for it a lot.

sokani

sr. member

Activity: 504

Merit: 421

Top Crypto Casino

Quote

Binance recently announced our partnership with Refinitiv, a know-your-customer (KYC) services provider company affiliated with Thomson Reuters. This partnership, through which Binance will utilize Refinitiv's automated KYC application on the world's leading cryptocurrency trading platform

According to this information, Binance has a KYC partner and the data breach could have come from Refinitiv or from Binance exchange. Where ever the breach might have come from, users still have a big role to play in safeguarding themselves. I want to believe not everyone who got the text message from the hacker fell for the click bait, so it's an issue of unawareness from the victims because this could have been avoided. It is still their responsibility to keep themselves well informed on cybersecurity and learn better ways to protect themselves.

Forever101

member

Activity: 334

Merit: 27

This is a serious matter, that's why its very important to get some of this guys to this forum so that they can learn and get updated just as this matter is discussed now. Information as such quickly get verified by experienced people on the forum and that help investors to be cautious as they read through people's post and comment regarding the issue.

Another means to get rid of this scam strategy is for centralized exchanges to always keep their users aware of such actions and how to avoid it.

serjent05

legendary

Activity: 2842

Merit: 1253

Cashback 15%

Quote from: Text on October 10, 2023, 06:14:19 PM

I don't trust unexpected text messages, especially with links. In any case, I visit the website to confirm if it is legitimate. It seems that hackers are behind this due to a data breach. Our identity is no longer safe in centralized exchanges once they are accessed by criminals. We know that KYC is a regulatory requirement in the financial industry designed to verify the identity of customers to prevent money laundering and fraud. However, when you do comply, your identity becomes vulnerable to risks, and the level of anonymity in transactions decreases. No matter how secure a platform may be, it's pointless if it's not responsible.

We should be cautious and do not click any link given to us without verifying the validity of the link. Often times malware is loaded on that link ready to inject our device system once we clicked it.

Quote from: Text on October 10, 2023, 06:14:19 PM

KYC is useless because it doesn't actually prevent criminals from using centralized exchanges. Criminals can simply provide fake or stolen personal information during the KYC process. This means that KYC doesn't make centralized exchanges any safer for their customers.

They can fake the ID but the exchanges have a filter to prevent that, and that is having a selfie while holding the ID submitted and a bond of paper with a writing of the exchange domain, and date. Though I agree that KYC does not make centralized exchanges any safer, it does verify if the person is really the owner of the ID submitted to the centralized exchange..

Text

hero member

Activity: 2352

Merit: 588

Bitcoin Casino Est. 2013

I don't trust unexpected text messages, especially with links. In any case, I visit the website to confirm if it is legitimate. It seems that hackers are behind this due to a data breach. Our identity is no longer safe in centralized exchanges once they are accessed by criminals. We know that KYC is a regulatory requirement in the financial industry designed to verify the identity of customers to prevent money laundering and fraud. However, when you do comply, your identity becomes vulnerable to risks, and the level of anonymity in transactions decreases. No matter how secure a platform may be, it's pointless if it's not responsible.

KYC is useless because it doesn't actually prevent criminals from using centralized exchanges. Criminals can simply provide fake or stolen personal information during the KYC process. This means that KYC doesn't make centralized exchanges any safer for their customers.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

Quote from: _act_ on October 10, 2023, 08:56:06 AM

How do hackers know who to send messages to?

Is the message randomly sent to people? I think the hackers target Hong Kong Binance users and that can only be from data breach or insider work.

This is what I can think of why hackers know where to send message. It's either data breach, insider and maybe from phishing although I don't think they will get many data from phishing. This should be the reason why KYC is not good and there could be a consequence that a person may face such like identity theft. It's better if we use decentralized exchanges where as we all know it doesn't require KYC before you can use it or a feature that an exchange have.

CryptSafe

sr. member

Activity: 728

Merit: 421

Quote from: _act_ on October 10, 2023, 08:56:06 AM

How do hackers know who to send messages to?

Quote

Hong Kong police warned users of the scam in an Oct. 9 post to its Facebook page dubbed “CyberDefender.”

“Recently, fraudsters posing as Binance sent text messages claiming that users must click the link in the message to verify their identity details before a deadline, otherwise their account would be deactivated.”

Is the message randomly sent to people? I think the hackers target Hong Kong Binance users and that can only be from data breach or insider work.

Quote

According to the post, the phishing scheme has seen 11 Hong Kong-based Binance customers report combined losses of more than $446,000 (3.5 million Hong Kong dollars) in the last two weeks.

If it is someone like me, this is easily avoidable, but what if it gets to the hacker's selling peoples data to thieves and which can lead to physical robbery and attack.

https://cointelegraph.com/news/hong-kong-binance-users-phishing-scam-jpex-crypto-scandal

Why KYC is extremely dangerous – and useless

From the onset people have been warned about centralized exchange not to be safe for holding of large amount of funds or assets as the case may be. This information is not hidden anymore that one can not see it or use their common sense to know that centralized exchange is not safe. I believe that "there can never be a smoke without fire" so data leakage can not be a surprise to me because there is definitely an inside work to have aided in the hack to accessing customers information. This is why we are advised to know this "not your keys, not your coin" slogan.

Woodie

hero member

Activity: 1792

Merit: 871

Rollbit.com ⚔️Crypto Futures

Things I tell family and friends, if you haven't entered or played any lottery and you receive a message or call saying you have won X amount yet you did not play/buy a lottery ticket then you automatically know it's a scam!!! Same principle can be applied here, you have passed KYC and documents aren't expiring soon why would an exchange request you to go through the process again without any heads up before expiry... sometimes it takes your sixth sense to see through such scams.

By the way ,with below standards of safeguarding user data why do exchanges feel compelled to carry KYC checks on clients when they themselves can't guarantee security??

jrrsparkles

sr. member

Activity: 2380

Merit: 251

Eloncoin.org - Mars, here we come!

Physical attacks are less possible scenarios from the data breach but what they most likely will do is to attack them via phishing links and hopefully, they expect the prey to fall into the trap so it will be easy money for them.

This generation should know the importance of keeping their data to be safe in general not limited to exchanges alone, most data breaches happen on random websites where we used to submit our details for no reason at all and then it can be easily hacked then it will be sold then it can be used for illicit activities. Don't expose your status 24/7 but people are used to social media life and things are out of hand already.

Faisal2202

sr. member

Activity: 1204

Merit: 466

#SWGT CERTIK Audited

I am not based in Hong Kong but such attacks should be avoided easily if Binance comes up with something unique for the communication purpose. Which is already there, but those who are new to the crypto field and fall prey to such phishing links might not think of it. Because last time I checked, such phishing attempts also occurred in the Electrum desktop wallet. Where user activates it after many months and on the app he is asked to update the wallet in a built-in app pop-up notification.

Well, those who were active in the market did know that this pop-up notification was a phishing scam but that user was not active in the community and clicked on the link and updated the electrum wallet of those scammers and when entered the seed phrase lost all of his money.

The best way to confirm the signature but if the same system of confirmation of messages, sent by the Binance or any centralized exchange would be provided then it will be easier for the newbies.

By the way thanks for informing me about it.

Obari

sr. member

Activity: 602

Merit: 442

I buy all valid country Gift cards swiftly.

This is the only reason why I don’t trust KYC and I think there should be a serious screening before employing anyone to work in firms that require clients to submit KYC and this is because it is becoming very risky submitting KYC to online platforms and I’m sure to an extent, binance might be losing customers at least in Hong Kong.
Personally I have been a person who doesn’t have any issues with submitting KYC especially if I trust a platform and binance despite being a centralized exchange has been one of my favorite and I trust them but this news is already getting me scared and I hope they strengthen their security.

Topic: You data is not safe on centralized exchanges - page 2. (Read 384 times)