Despite the belief of many crypto enthusiasts that centralized exchanges (CEX) are safer, history often shows that centralized exchanges (CEX) are safer. vulnerable to attack.
Because these exchanges focus on the storage of user assets, they can be an attractive target for cybercriminals. If the exchange’s security measures are insufficient or successfully compromised, users’ assets may be stolen or lost.
Another risk of a centralized exchange is the potential for fraud or mismanagement by that operator. Since CEX may have a single point of control, it may be more vulnerable to insider fraud or other forms of misconduct – which could result in loss of funds or other negative consequences for users.
In the past year, with the collapse of major centralized cryptocurrency platforms like FTX and Celsius, more users have chosen to take custody of their digital assets. Risky financial practices and alleged fraud on some of these platforms have made many people distrust them as a safe place to store cryptocurrency.
Self-custody refers to holding and managing your own cryptocurrency instead of relying on a third party, such as an exchange. This approach gives users greater control over their assets and potentially provides a higher level of security. However, it also comes with its own risks, especially in the form of fraud.
Types of scams and how to avoid them
To better understand the potential dangers associated with custody and provide guidance on how to protect yourself from fraud, Cointelegraph reached out to Alice Boucher of Chainabuse, a multichain community platform for reporting fraudulent crypto transactions.
One scam that aims to take advantage of crypto users is called “pig killer.”
“A pig butchering scam occurs when the scammer stays in constant contact to build a relationship with the victim and ‘fatten up’ with affection over time to have them invest in a fake project,” Boucher said, adding:
“Scammers try to extract as much money from victims as possible, often using fake investment sites that show large fake profits and using social engineering tactics, such as intimidation, to extract more money from victims.”
Social engineering uses psychological manipulation tactics to exploit the natural tendencies of human trust and curiosity.
Cybercriminals in the cryptocurrency industry often aim to steal assets they hold themselves by taking control of high-profile accounts. “Between May and August 2022, the takeover of social media accounts – involving Twitter, Discord and Telegram – caused havoc. Scammers sent malicious NFT phishing links during the attack, compromising high-profile social media accounts,” said Boucher
Once these attackers gain access to a high-profile account, they usually use it to send phishing messages or other types of malicious communication to many people, trying to trick them into handing over their private keys, login credentials or something else. sensitive information.
The ultimate goal is to gain access to the assets held and steal the cryptocurrency held by the individual.
Followers of these high profile accounts may be tricked into clicking on malicious links that transfer all tokens out of their wallets. These scams may be designed to get users to invest in trading platforms and often result in victims losing their deposits without being able to get them back:
“The volume of scams, hacks, blackmails and other fraudulent activities has increased over the past few years. Most fake platforms appear to be Ponzi schemes or payment scams with the following characteristics: They advertise false returns, have referral incentives that resemble pyramid schemes or mimic existing legitimate trading platforms.
Scammers who use this phishing tactic can encourage users to sign smart contracts that drain their assets without their consent. A smart contract is a self-executing contract with the terms of the agreement between the buyer and the seller written directly into the code.
If the contract contains errors or is designed to take advantage of people, users may lose their tokens. For example, if it allows the creator to take the token to sell it, the user can lose the cryptocurrency by marking it.
Usually, the user doesn’t realize that the token is gone until it’s too late.
Self-custody can be a great way to control your assets, but it’s important to understand the risks and take steps to protect yourself from bad actors.
To protect yourself when using self-hosted wallets, it’s important to follow best practices, such as updating your software and using unique passwords. It is also important to use a hardware wallet such as Ledger or Trezor to store your cryptocurrency. A hardware wallet is a physical device that stores your private keys offline, meaning hackers also need physical access to engage in certain interactions with the blockchain, making them less vulnerable to hacking.