Trading in digital assets has become quite popular in recent years. But what is booming attracts not only the masses, but also, regrettably, scammers and fraudsters. Examples of this are fake Facebook pages that hold fake competitions or giveaways, fake email campaigns or even scammers who call and pretend to be Blocktrade employees.
At Blocktrade security is one of our highest priorities. We do everything we can to protect our platform, our services and most importantly our users. Consequently, we consider it our mission to provide our users with knowledge. After all, solid knowledge and heightened awareness remain the most effective way to protect yourself.
To ensure the safety of your account and funds, please make sure to follow all the below recommendations and guidelines:
How to identify scams/threats
The surest way to avoid falling victim to scams, is to identify and subsequently ignore them. You should always be suspicious when asked to share confidential information. Never reveal confidential information unless you are certain that the person you are sharing the information with is genuine, and even then, ask yourself if they are entitled to the information. Ask yourself: “Why would they need this information to serve me as a client or to comply with regulations?”
Indeed, the only reason Blocktrade will ever enquire information from you is to either comply with regulations or as the basis to better serve you as a Blocktrade customer.
Here are a few tips on detecting fraudsters as quickly as possible:
Fraudsters primarily make use of fake social media accounts that imitate official Blocktrade channels, hoping to cheat the community and its members with fake news and lead them to fake sites designed to steal their login credentials or other confidential information.
Stay safe on social media by following these guidelines:
- Only follow the official channels: These can be found in the social media bar on the right side of our website blocktrade.com.
- Never give out your credentials, payment details or send money to any crypto account that is being shared with you on social media or social media messenger services.
- Don’t trust comments, not even from what seems like the official account and remember, if a give-away is too good to be true, it probably is a scam.
Fraudsters might have gotten access to your email address from hacked online databases or simply mass-sent to random addresses which included yours. Before clicking a link or downloading attachments, it’s crucial to be sure the mailings is legitimate. Always watch out for red flags such as:
- unknown sender
- dubious subject
- unwanted attachments
- questionable links
- anything asking for urgent action
- anything too good to be true
If there is any doubt, do not click on any links and don’t download any attachments, instead report it to your security team immediately. Moreover, never submit your credentials or credit card/payment details over email.
Typically, fraudsters use all kinds of methods to lead you to a fake, setup website where the goal is to have you enter sensitive or confidential information like your user credentials (so-called “phishing websites”). To avoid falling victim to this, check for the following:
- Does the website use a secure connection? There must be a (https) in the address bar. You can also recognise a secure website by the fact that a lock is displayed in the browser tap.
- Correct URL? Check the address bar for the actual URL you are on.
- Quality of pictures and logo is bad? No professional company would use low-resolution images in their corporate design. If the pictures and logos seem pixelated, it is surely a fake website. Yet, don’t trust a website just because it has high-resolution logo and images.
Some fraudsters go to the length of operating call-centers with agents pretending to be official operator staff. To avoid this, always do the following:
- Always verify it’s the company they say they are. On your smartphone, you should see the caller’s number. Check it with the contact section on the company’s official website. Be particularly sceptical with phone numbers of prefixes of country’s you don’t immediately recognize.
- Never submit credentials or payment details over the phone. No serious company will ever ask your for account details or login information via the phone.
In conclusion, the best protection is to keep your eyes open and always think before you click. If you are unsure, always contact our support at [email protected] and double-check with us.
How to protect yourself by increasing system, device and online security
Hackers can gain unauthorized access to devices and steal personal and confidential information by abusing security holes in software or unsecured connections. You should therefore take all possible measures to eliminate these security risks.
- Anti-Virus programs: Anti-virus software are programs that are always on in the background and scan all local and incoming files and data for viruses, malware, spyware and more. Once malicious files are detected, they can be blocked and deleted whereas essential infected files can be healed. We highly recommend using a paid antivirus programme. If something is “free”, you usually pay with your data. The top three antivirus providers are Norton, Avira and Bitdefender.
- Use VPN: A Virtual Private Network (VPN) is a software that encrypts your online connection, thereby creating a secure tunnel through which outgoing and incoming data are sent between your device and the destination website. This encryption makes it impossible for Wi-Fi operators or eavesdroppers to intercept the connection and steal confidential information. ExpressVPN, CyberGhost and PrivateInternetaccess are leading providers in this field.
- Always have software and operating systems up-to-date: Updating software is not just about getting the latest features for your device. More importantly, these updates can protect you – and your device – from cyber threats.
While users need to have their common login information handy, it must be stored safely and securely so no third parties can get access to their login credentials. Basic guidelines for password management are:
- Use a password manager: Password managers are an easy way to store all your passwords safely while also being able to create secure and complex passwords with just a few clicks. Some of the most common are RoboForm, NordPass and Keeper.
- Change passwords regularly: At least once every 60-90 days.
- Never use a password twice: If your password gets hacked, the attackers have access to several accounts at once – this should be avoided at all costs.
- Use 2 Factor Authentication (2FA) whenever possible: With 2FA, you have to use an additional factor, such as email or mobileTAN, to confirm your identity upon login. This is how you can set it up for Blocktrade: https://support.blocktrade.com/support/solutions/articles/36000182941-two-factor-authentication-2fa-and-how-to-set-it-up
What to do when hacked/clicked on a malicious link
So it happened, your device has been hacked or you entered login credentials or sensitive data on a phishing website. While you can’t make it undone, you must take remedial action as soon as possible, by doing the following:
- Take the potentially infected device off the internet.
- Change your password immediately.
- If you’ve entered any personal information, you should change these details as soon as possible from an uncompromised machine. This will apply to all online accounts such as email, social media and banking.
- Scan system for malware with anti-virus software (this can be done when your device is offline).
Stay safe and remember to “think before click”!