How to Secure Your Account On a Cryptocurrency Exchange?

What's The Link? Should I Click It?

It's no secret that in 2022 attackers can access your data in a variety of ways. Many people know why downloading programs on the Internet from trusted and official sources is paid, because this is how we pay for our safety and the absence of unfriendly viruses. An unverified or suspicious link or resource should always alert the user. Indeed, most often, hackers gain access to the necessary data, login or password by using phishing mailings.

Under the guise of mass mailings from well-known brands, as well as personal messages on social networks, scammers send a direct link to a website that is outwardly indistinguishable from the real one, or to a website with a redirect, after which, by deceiving a user and entering the requested data, they gain access to the account.

Example: Anton uses one mail to register on several exchanges and uses two-stage protection. He knows for sure that all accounts that are connected with finances are registered to this mail. After some time, Anton receives a letter from a website where he never registered, asking him to confirm his credentials. Anton knows that he never created any account on this website. He doesn't follow the link and deletes the email. In this case, Anton doesn’t expose his data and, accordingly, assets to security.

And if you are not sure, or do not remember the fact of registration on certain websites, pay attention to the style of the letter.

Here are the Top 3 signs of phishing emails, the content of which may alert users:

The urgency of the requested actions

It is important for hackers to be sure you don’t have time to think whether the letter is worth your attention, and most importantly, a click. In this case, the attackers use the urgent pretexts “go through verification to avoid blocking your account”, “you won the prize”, “your lot was sold”. Below is an example of such phishing email content.

Fake domain address

The user should always pay attention to the address from which the letter is sent. That is why it is important to know the address of the sources you use. The same example below shows that the email sent from the specified address is probably not from the sender's company. Hackers also use second-level domain substitution. How to define substitution? The second-level domain that comes before the value .com, .io, .ru is always the address of the official website; if there is something else before these values, do not rush to follow the link. For example, btc-alpha.com is the official website of the exchange, while btc-alpha.verification.com is the wrong subdomain, which should be suspicious.

Request to enter personal data

In a letter or message that was created by scammers you can note the importance of the reason why you need to enter your data. If you find such a request, it is better to log into the system directly using the official link and make sure that the requested actions are necessary.

As you can see, standard ways to protect your account may not be enough, especially when it comes to finances, so it is important to pay attention to phishing tricks and be able to recognize them!

BTC-Alpha cares about your safety. To provide it, we strongly recommend that you follow the recommendations listed above so that the fraudsters do not have a single chance to steal your data or, much worse, funds, because security begins with your own caution and awareness.