Kraken Security Playbook: How to Avoid Holiday Crypto Scams
Financial fraud has been a part of the trading business since its inception. If you were unfortunate enough to be on the wrong side of an insurance contract with Hegestratus, he would have you insure the cargo of corn on his ship. He would then remove the corn, sell the corn, sink the ship, and collect his payment. The year was 300 B.C.
Hegestratus was caught in the act and drowned after being chased by his angry victims. This represents the limitations of the times. Hegestratus had to carry out the fraud himself. In the digital age, fraud has become much more anonymous. A confident voice on the phone claiming to be from your bank, a pushy email demanding urgent action or your account will be closed.
Skilled scammers act without any remorse for the pain they cause to their victims and their families. They are experts at instilling visceral fear and a false sense of urgency. need to act now Take some time to think through the situation before contacting your financial institution to confirm anything.
Everyone has an important role to play in preventing these scams from happening. The good news is that the most powerful weapon against fraud is easily available to anyone and free to use. don’t do anything. Ignore requests that are burdensome or unusual. Hang up on the phone and don’t reply to texts or emails.
Then contact the financial institution the scammer claims to represent (use the customer service number provided on that company’s official website). The customer service representative will most likely provide you with the exact status of your account and confirm that everything is in order and that no action is required on your part.
Written by Nick Percoco, Kraken Chief Security Officer
Cryptocurrency scams are just the latest addition to a type of financial fraud that has existed for thousands of years. If the asset has value, the scammer will lie to you to get you to transfer that value to the asset.
Social engineering plays an important role. Social engineering involves a fraudster gaining the trust of the victim. Over a long period of time, often over dozens of back-and-forth communications, victims are persuaded to willingly send assets to the scammer.
This special approach to gaining the trust of time is called pig slaughter. Scammers often “fatten up” their victims over time through flattery and an obviously intense interest in their hobbies and activities. The “butchering” part only comes into play when the scammer feels he or she is in a position to extract large sums of money. Days, weeks, months, even years: If the potential theft is high enough, scammers will spend whatever time they need to gain your trust.
Most cryptocurrency scams involve scammers convincing victims to share a seed phrase (effectively a password) to gain access to their cryptocurrency. Whenever anyone requests your seed phrase, under any circumstances, they are requesting unrestricted access to your cryptocurrency. Stop. Hang up. Don’t reply to emails or texts. Don’t do anything.
Scammers know that if they do nothing, they will lose. Instilling fear is an effective tactic to force immediate action on the part of the victim. Scammers pose as scared family members who urgently need money to get home. Although these scams can be thwarted immediately if the victim texts or calls her family directly, scammers are good at embarrassing their victims and making them hang up. Hang up and calmly contact your family member independently.
Cryptocurrency fraud losses have received a disproportionate amount of attention, even though they account for a fraction of fraud losses from government-issued currencies. Sending a unit of monetary value to another party is a broadly similar process, regardless of the technology used to complete the transaction.
Another common fraud angle is the unsolicited “opportunity”. High-pressure cold calls from so-called boiler room “stock brokers” have been around for decades. Same deal: For no reason other than common sense, they are calling you, a complete stranger, to make you rich with a special opportunity to make a ton of money in a short period of time. Similar cryptocurrency scams exist.
Hang up, block the number, and don’t answer. If there was a legitimate opportunity to double your money in a matter of days or weeks, you wouldn’t pick up the phone and try to find a complete stranger to talk to about it.
Here are some tips to help you avoid scams:
- trust your instincts – Innately skeptical about offers, deals, or opportunities that seem too good to be true. When someone tells you that success is “guaranteed,” this is also a major red flag.
- Move slowly and act cautiously – Doing nothing is a powerful weapon. Most victims act out of fear, panic, or greed, which can override rational decision-making. There are few legitimate financial situations that require immediate action. right now. Verify the organization the caller claims to represent, call the customer service number listed on the legitimate website, and contact customer service if you have any problems.
- Check before you trust – If someone says they work for a company, don’t immediately assume it’s true. Most software providers do not proactively call you to resolve technical issues over the phone. If someone arrives at your home unsolicited, ask for personally identifiable information, even if they are in uniform, write down their employee number, and follow up with the company involved using official lines of communication. It may sound particularly paranoid, but scammers can easily purchase uniforms and fake IDs to gain their targets’ trust.
- understand your feelings – Scammers prey on human emotions that cloud the target’s judgment. If you feel pressure from an external party to complete a transaction quickly, terminate the transaction or correspondence if it causes you excitement, anxiety, or stress. Please do your due diligence as described above.
- Remember that scammers build trust – Trust scammers ask personal questions such as whether you are married, how long you have been married, and whether you have children. The answer will almost invariably be designed to create a bond. “Oh, that’s nice. I’ve been married here for 12 years. Little Jessica is 12 years old and Pete has just turned 5. “Isn’t this a really good age?” These lies are just designed to make you feel like you are talking to a friend, someone like you.
- Passwords, PINs, and login information are not for sharing. – Whether it’s the seed phrase for your digital wallet or the password for your bank account, your login information should always remain confidential. Legitimate companies or services will never ask you to share these details. The safest way to mitigate online risks is to use completely unique logins and passwords randomly generated by a password manager. This approach ensures that your credentials are strong and unidentifiable, while also isolating other accounts if the vendor is involved in a data breach or hack.
- Public profiles are also available to scammers. – Consider carefully what personal information you disclose in public forums, including social media. Many of these sites are created for a variety of purposes, but scammers use them to identify their targets and extract information that can be used to manipulate future victims. Do you use the same username on multiple sites? The scammer will likely already know the username of the account you are trying to access.
- Check your website URL very carefully.y – Online scammers can now create sophisticated copies of websites that appear at the top of search engines. These fake sites may appear identical to the original, except that the URL links are slightly different. Do you know a site you want to visit? Forget about searching the Internet and just type the address directly into your browser address bar.
- Avoid the urge to reply – Replying to unsolicited emails and texts can alert scammers that your email address or phone number is still active even if you indicate that you want to unsubscribe. Have you ever received a “hi” text from an unknown phone number? Answering “Who are you?” is often the first step in contacting a scammer.
- Take everything you see with a grain of salt – With the rise of AI and deepfakes, identifying authentic information has become more difficult than ever. As these technologies become more sophisticated, this will continue to become more difficult. It is important not to make financial decisions based on only one source of information. Take the time to verify information through second or third sources or randomly select online reviews from other customers who have used the product or service to ensure the content is authentic.
whenever If you are suspicious about an incoming call, email, or text (especially one asking you to trade personal information or assets), remember that your first best action is to do nothing. First, don’t do anything.
The holidays are a season of spending time with the people we love most. Follow our simple playbook and avoid sharing your cryptocurrency with people who wish the worst for you.
These materials are provided for general information purposes only and are not investment advice or a recommendation or solicitation to buy, sell, stake or hold any cryptocurrency or to engage in any particular trading strategy. Kraken does not and will not seek to increase or decrease the price of any particular cryptocurrency it offers. Some cryptocurrency products and markets are unregulated and you may not be protected by government compensation and/or regulatory protection schemes. The unpredictable nature of the cryptocurrency market may result in loss of funds. Taxes may be payable on the appreciation and/or reporting of your cryptocurrency assets and you should seek independent advice on your tax position. Geographic restrictions may apply.