A friend of mine recently created a new HitBTC account. He then transferred $1,000 of BTC from Coinbase to his HitBTC bitcoin wallet. Unfortunately, after 22, the $1,000 of BTC was never deposited into his account even though the wallet address he sent to was correct and blockcypher showed it was received.
My friend sent numerous support tickets to HitBTC that were only ever answered by their autoreply email. No one from HitBTC ever personally contacted him. Due to there being no contact info for HitBTC on their webssite, out of frustration, my friend did a Google search for HitBTC support and ended up calling Arcler Desk at 888-943-8697.
A person who identified himself as "Ralph J" took remote control of my friend's computer, offered encouragement that he could get the crypto reversed from HitBTC and back into his Coinbase account, but in order to do this, the cusromer service rep needed to get some info from my friend's Coinbase account. "Ralph" said he was sending a 2 Factor Authenticator code to my friend that Ralph needed to proceed.
My friend gave him the 2 Factor Authenticator code and thought everything was fine. Shortly thereafter, he checked his coinbase account and discovered his 12 Litecoin, worth about $2,700, were stolen of his account!
There is a very important lesson to be learned here, namely, it isn't the technology getting hacked that we have to worry about, it's us. As individuals, we are the weakest link in our defense against scammers who know how to use our trust and emotions against us. It's called "social hacking."
Here are some steps to help you avoid becoming a victim:
- Never keep your crypto on an exchange, not even Coinbase.
Any crypto that is kept on an exchange is at risk of being stolen. It can be stolen by someone accessing your account without your authorization, like what happened to my friend. It can also be stolen by hackers getting into the exchange's main account, or by the exchange itself going out of business. If my friend had transferred his crypto to a hardware wallet, even if someone accessed his account, there would have been nothing for them to steal.
I recommend storing your crypto on a Nano Ledger S. They are inexpensive, store a number of different coins, and in order to transfer anything you must have the physical device plugged into the USB of your laptop, and must press buttons on the device to authorize each transaction. No device ... no authorization. (Make sure, however, that your device is brand new, or if it isn't, make sure you reset it and create a new 24 word "seed phrase." The seed phrase can be used to create a copy of your device if it's ever lost or stolen. If someone sells you a device that includes a seed phrase, it's because they want to rip you off. To prevent that from happening, you can do a factory restore that will initialized the device, wipe the old seed phrase, and allow you to create a brand new one.)
Always use 2 Factor Authentication with every exchange.
Don't be lazy and don't share the code with anyone. EVER. In any circumstance. 2 Factor Authentication can be setup using an SMS confirmation code that is texted to your cell phone, or with an app called Google Authenticator. Make sure you write down your recovery phrase for each site you use Google Authenticator with so if your phone is lost or stolen, it can be reset.Never EVER share your private key.
This should pretty much go without saying, but hey ... why not say it. Giving anyone your private key is the same as saying, "Here's access all my cryptos." It lets them go into your account to take whatever they want.Never store your private keys or seed phrase in your email or on your phone (as text or as a photo).
As Hillary Clinton has proven, email is not secure! To make your accounts hacker proof, you need to store your keys offline. Again, this is one of the great benefits of using a Ledger Nano S. Save your keys to a thumb drive or store them off line in paper form (make multiple copies and put them in safe places).Make sure you know who you are dealing with.
This can be especially difficult when it comes to crypto companies, but even more so when it comes to the exchanges themselves, which is next to impossible. The problem my friend had started with HitBTC not depositing my friend's BTC correctly when sent it to the correct HitBTC wallet address. To compound problems further, they have never responded to his emails, even after 22 days! There is no customer support phone number and no way to contact anyone at HitBTC, and there are no authorities to contact because you don't even know where they are! A serious search of the internet provides no address information for HitBTC. No one has any idea where they are located, and there are a number of people reporting similar problems of being ripped off by HitBTC.
Being in an unregulated industry can be a double edged sword. The lack of transparency, means that we have often times have to trade our better judgement for the opportunity to make money. We're allowing our greed to win out over caution. As long as people are willing to accept the risk of losing all their crypto on an exchange, and are willing to accept the lack of transparency from the exchanges we do business with, our cryptos will always be at risk.
I hope you benefited from this article. Please follow and "up vote" so future articles will get increased exposure.
Thank you.
Hi. I am @greetbot - a bot that uses AI to look for newbies who write good content!
Your post was approved by me. As reward it will be resteemed by a resteeming service.
Resteemed by @resteembot! Good Luck!
The resteem was paid by @greetbot
Curious?
The @resteembot's introduction post
Get more from @resteembot with the #resteembotsentme initiative
Check out the great posts I already resteemed.