According to the International Data Corporation, organizations are expected to spend $91 billion on security solutions in 2018. Referring to the blockchain space, security analysts have found a list of problems with solutions related to detrimental events within cryptocurrency trading platforms.
1) Phishing emails:
This consists of hackers sending emails to users by claiming themselves of being a reputable company (trading platform).
Trading platforms frequently send emails to users for many purposes as a security matter. Hence, malicious players create emails that look identical to the ones that the trading platforms send, to obtain user’s sensitive data such as passwords. These emails usually have a hyperlink that directs the user to a website for “changing its password”, which triggers a situation where the user reveals sensitive data without knowing.
- Verify if the email address of the suspicious email is the same as the one on the official trading platform.
- Do not reveal sensitive information to unknown parties.
2) Phishing sites
In this case, malicious users create websites that are extremely identical to the trading platform ones, with the only difference that they change the domain with a common spelling mistake.
A trading platform website with a name such as “The Crypto Exchange” would be named with a common spelling mistake such as “The Crypto Exhange”. Once users are on the website, they will log in revealing their private data.
- Save the trading platform website as a favorite on the browser for not having to type it again.
3) Email Hacking
In this case, the hacker takes control over the user’s account through the email address that is linked to the trading platform website.
Once malicious players find which email address is linked to the trading platform website, they will try to change the current password. One of the manners for changing the current password is by guessing the security question. After they change the user’s password, they might link the account to a new email address of their preference.
- Google Two-factor authentication (2FA) is a useful tool for enhancing account’s security and avoiding this event.
4) A flaw of Google Authenticator
TeamViewer is a tool that allows individuals to access their desktop computers from any part of the world. This means that if an individual has this tool installed on its computer, there is, a small but still is, a probability that the hacker could access the user’s private data.
The hacker accesses the Google Authenticator that would be in a web browser in this computer. After accessing this information, the hacker is able to change the password of the user’s trading platform account obtaining absolute control over the account.
- Google Authenticator is more secure if the user installs it on its mobile device rather than the desktop computer.
This list of problems and solutions are merely a few of many manners of how data breaches could happen. Frequently, users do not realize the importance of preparing for the worst-case scenario in order to prevent undesirable events.
Image Source: “Flickr”