How to Protect Your Mobile Device From Crypto Scams
With the increasing popularity and value of cryptocurrencies, there has been a corresponding increase in crypto scams - and mobile devices are certainly not excluded from the mix. These scams can take many forms, but they all have one goal: stealing your hard-earned cryptocurrency.
This article will cover various mobile device scams, and teach you how to protect your device from them. Let's start!
What Are Mobile Device Scams?
According to bankmycell.com, the number of smartphone users stands at around 6.92 billion as of February 2023, representing a smartphone penetration rate of 86.34%, i.e 86.34% of the world’s population owns a smartphone (by means of phone numbers).
Mobile device scams are any type of scam that uses a mobile phone or other mobile devices to target victims. They can come in the form of malicious apps, text messages, websites, or even phone calls.
Some mobile device scams will try to trick you into giving them your personal information, such as your crypto exchange account information or wallet keys. Others will try to get you to install malicious software on your device. Some will even just try to trick you into sending them cryptocurrency.
Avoiding mobile phone scams is now an active part of our lives, especially since new ways to try and trick people are being created every day. However, some scams aren't always obvious, so it's essential to know how to spot one in order to protect yourself from it.
Additionally, check out our security notice that will help you activate all the necessary security measures in order to protect your funds on KuCoin.
What Are the Different Types of Crypto Mobile Device Scams?
Mobile phones are almost considered parts of our bodies nowadays, and cybercriminals certainly know it. We always have our mobile devices with us, and we use them to access anything from cat videos to our most private data. We've linked bank and crypto exchange accounts, emails, and other sensitive data to our phones, making them a perfect target for crypto theft and fraud.
There are many different types of mobile device scams that could affect your crypto exchange accounts or wallets, with some of the most prominent being:
1. Mobile Virus Scams
2. Phishing & Vishing
3. Fake Crypto Apps (Fake Exchange Apps, Fake Wallet Apps, Fake Earning Apps)
4. Cryptojacking Apps
5. Clipper Apps
6. SIM Swapping
7. WiFi Breaches
Mobile Virus Scams
A mobile virus is a type of malware that can infect your mobile device just like a computer virus would. While visiting certain websites on your phone, you may have seen a page alerting you that a scan of your phone has revealed a virus infection, urging you to take immediate action towards downloading an antivirus app.
However, this app is actually malware or spyware that either tries to infect other devices or hijack yours. This may lead to scammers having access to all your passwords and accounts, including your crypto exchange accounts and crypto wallets.
The easiest way to protect yourself from these kinds of attacks is to ignore any web pop-ups, but also have cybersecurity on your phone.
Phishing & Vishing
Phishing is a type of scam where the attacker tries to trick you into giving them your personal information by masquerading as a legitimate website, app, or service. They do this by creating a fake login page that looks identical to the real thing. Phishing scams are some of the most common crypto scams currently.
Phishing scams also happen via SMS messages, and they are also known as "smishing." These scams try to make you act on the SMS sent, as they send the malware links. If you open the link, your device becomes infected with malware or spyware.
Vishing is similar to phishing, but instead of using a fake website, the attacker will use a fake phone call or text message to try and trick you. These types of scams are becoming more and more common, as they can be very difficult to spot.
The best way to protect yourself from phishing scams is to make sure you are using approved websites, and bookmark the ones that hold your sensitive information so that you can access them quickly. When it comes to vishing attacks, the key is to never give out your personal information, even if the person or website seems legitimate. Additionally, Make sure to set up your KuCoin anti-phishing code in your account settings.
Fake Crypto Apps
There are numerous types of fake crypto mobile apps that are created with the aim of stealing your cryptocurrency. Some of the most prominent versions are:
- Fake Exchange Apps
- Fake Wallet Apps
- Fake Earning Apps
Fake Exchange Apps
Fake exchange apps are exactly what they sound like - mobile apps that scam crypto investors into thinking they are the real ones. The most well-known example of such a cryptocurrency exchange app is most likely the one of Poloniex.
Prior to Poloniex's launch of their official mobile trading app in 2018, Google Play was already listing several fake exchange apps with the same name. Many users who downloaded the fraudulent apps tried to log in, thus basically handing over their Poloniex crypto account login credentials to the scammers. It goes without saying that their crypto holdings on the exchange were wiped out. Some other apps went even further requesting the login credentials of users' Gmail accounts.
When it comes to protecting your crypto investments against such scams, you can do several things, namely:
- Use two-factor authentication (2FA): it's important to say that, in our example above, crypto was stolen only from accounts that had no 2FA activated. While 2FA is not impenetrable, it is a big help as scammers will have a hard time bypassing it even if they have your exchange login credentials.
- Check the validity of the app you are downloading: you can do that by checking the number of downloads, reviews, and ratings - fake apps either have comments where people complain of being scammed, or perfectly flawless ratings.
Moreover, legitimate apps are developed by legitimate companies, and you can check the developers in the information provided on the app store. Additionally, you could head over to the official exchange website and check if the app they are offering matches the one on the mobile app store.
Fake Wallet Apps
Another category of crypto-related mobile apps that are often used to scam investors are fake wallets. While there are many different types of cryptocurrency wallets, the most popular ones are mobile wallets since they offer more convenience.
Since crypto values have been rising in recent years, scammers have taken advantage of that and created numerous fake versions of popular cryptocurrency wallets such as MetaMask, Exodus, Jaxx, Coinomi, and Ledger.
The aim of these malicious actors is to trick users into downloading the fake wallet app and then stealing their private keys or seed phrase. In most cases, the scammers manage to do that by simply mirroring the interface of a popular wallet and then changing a few words here and there.
To avoid being scammed by a fake wallet app, you should:
- Check if the wallet app generates brand new addresses before importing your own - if and once a new address is generated you can check if the generated wallet exists (most fake apps can spoof the wallet creation part as well).
- Use all the tips highlighted in the section on fake exchange apps.
Fake Earning Apps
Another category of malicious crypto mobile apps are the so-called earning apps. The premise of these apps is that they usually offer users a way to earn cryptocurrency by completing certain tasks. These apps usually market themselves as giveaways or fake high-yield earning apps.
In reality, however, most of these earning apps are simply scams created with the sole purpose of stealing people's crypto.
To avoid being scammed by a fake earning app, you should look for any red flags, such as high rewards in return for no work. You could also check the validity of the app by checking its ratings, developers, etc.
Another category of malicious crypto apps that we will mention are cryptojacking apps. Cryptojacking is a type of attack where the attacker uses your device to mine cryptocurrency without your knowledge or permission.
While most often associated with websites, cryptojacking can also be done via mobile apps. For example, there was an incident involving the popular game Fortnite where a cryptojacking script was injected into the game.
To avoid being scammed by a cryptojacking app, you should:
- Check the permissions that the app is asking for. For example, an app that wants to mine cryptocurrency will most likely need access to your device's CPU and GPU.
- Check if your mobile device is overheating, as mining is a very power-heavy task.
- Install a mobile antivirus that will help you detect malware.
The next category of malicious crypto mobile apps are clipper apps. Clipper apps are designed to replace your cryptocurrency wallet address with the attacker's address. For example, if you copy and paste your Bitcoin address to send some BTC to a friend, a clipper app will replace that address with the attacker's address instead.
To avoid being scammed by a clipper app, you should:
- Double-check the address that you are sending your cryptocurrency to.
- Install a mobile antivirus that will help you detect malware.
SIM Swapping Apps
SIM swapping is a type of attack where the attacker tricks your mobile service provider into transferring your phone number to a SIM card that they control. Once the attacker has your phone number, they can then use it to reset your passwords and gain access to your online accounts.
While SIM swapping attacks are not exclusive to the cryptocurrency space, they have been used by criminals to gain access to people's cryptocurrency wallets and exchange accounts.
To avoid being scammed by a SIM swapping app, you should:
- Use two-factor authentication (2FA) wherever possible. However, one thing to note is that you should avoid using a mobile phone 2FA. Rather, you should rely on apps such as Google Authenticator, as they are much safer.
- Avoid sharing your phone number on social media, as cybercriminals could use the information they find to impersonate you and steal your crypto.
- Be aware of any suspicious activity on your mobile device, such as unexpected text messages or calls.
While not exclusive to the cryptocurrency space, another thing to be aware of is WiFi breaches. WiFi breaches happen when a criminal gains access to your WiFi network and uses it to eavesdrop on your traffic.
If you are using a public WiFi network, then it is especially important to be aware of this, as criminals could use it to intercept any crypto transactions that you make.
To avoid being scammed by a WiFi breach, you should:
- Avoid using public WiFi networks to transact in cryptocurrency. Moreover, you should avoid connecting to unsafe WiFi networks if you hold a lot of cryptocurrency on your mobile phone wallets.
- Use a virtual private network (VPN) whenever possible to encrypt your traffic and make it more difficult for criminals to intercept your data.
- Be aware of any suspicious activity on your networks, such as unexpected devices or traffic.
Protecting Yourself in the Harsh World of Crypto Scams
As you may have noticed, every scam has its unique quirk or feature, but they all share a common goal, and have similar modes and methods of operation. New types of scams appear regularly, so you'll have to be prepared. However, using standard safety practices doesn't change that often.
Make sure you are mindful of the information you are holding on your phone, whom you are sharing it with (directly or indirectly), and avoid any apps or websites you aren't 100% sure aren't scams.
Consider using platforms and apps that have security as their main priority, as there will be no profits or gains if your funds end up stolen. KuCoin offers several features that will help you avoid scams, such as 2FA, mobile binding, email binding, trading passwords, and more.
As a bonus note, you may consider using a hardware wallet for the crypto you are holding, and store only the crypto you are trading or using on exchanges and mobile wallets.
While it may sometimes be tedious to have all these precautions, in the long run, you will benefit from taking proactive security measures and protecting your crypto assets from black swan security breaches. Stay tuned for more security tips!
Find The Next Crypto Gem On KuCoin!