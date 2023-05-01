By Bob Eckel, CEO, Aware

Fraud was involved in approximately 40 percent of all cryptocurrency-related complaints according to a Consumer Financial Protection Bureau (CFPB) analysis published this past fall. And in an unfortunate trend, fraud represented more than 60 percent of CFPB-reported crypto complaints in September 2022 alone, the last month on record.

Given this escalation, crypto investors must educate themselves on how to ward against security risks or threats before money is lost. Here are some key security tips to keep in mind as you continue to navigate this burgeoning area of investing:

Consider A Crypto Platform’s Security

You’re likely doing some digging and research before deciding to work with any given crypto asset platform, but do you have any information regarding how they identify and stop fraud? If not, you should.

A good way to assess a platform’s commitment to dealing effectively with fraud is to assess if they have implemented modern current forms of authentication like biometrics into their offering. New biometrics industry developments, like biometrics-as-a-service (BaaS) or cloud-based biometrics, are enabling even smaller fintechs to offer highly effective, convenient, and reliable biometric authentication capabilities without the heavy up-front work. In short, there’s no excuse for security to be lax in today’s world.

Look at Data Protection

Even if the platform you’re evaluating uses biometric authentication, that alone is not enough to tick the box of “adequate security.” Forward-looking fintechs are making efforts to decentralize the data, avoiding the risks of having biometric information sitting in a central database. This ensures that even if a data breach were to occur, the risk of your biometric data falling into ill-intentioned hands is essentially slim to none.

Be Careful What You Post

Trend Micro recently issued a report exploring how social media is threatening the security of biometric data – and it’s in ways the average user might not even consider. A pertinent example is the #SideEyeChallenge trend on TikTok, in which users hold their eyes up close to their camera and attempt to measure their peripheral vision. This may sound fun and harmless, but in reality, these videos expose individual iris patterns that may be good enough to bypass many biometric iris scanners.

Whether we like it or not, when we post videos of ourselves online, we also expose facial images that could be used to bypass biometric authentication systems. Any business offering biometric authentication therefore needs to take additional security measures to ensure this doesn’t happen – this includes multi-factor authentication and liveness detection. However, individuals still have to do their part by being careful and mindful about what they post on social media and look for ways to Opt In or Opt Out.

Protect Yourself From Crypto-Clipping

Crypto-clipping is a new method used by thieves to steal your crypto investments. Thieves deploy tricky means to get you to download malware on your computer or other device, often luring you through content that appears harmless and safe. In situations where crypto-clipping malware is in use, when you copy and paste the wallet address where you’d like cryptocurrency to be sent, the malware instead copies and pastes the thief’s address. Since you merely did a “copy and paste,” you do not expect anything deleterious to happen, but when the funds do not deposit and you check the destination wallet URL, the realization that it was pasted and therefore sent to the bad actor is evident.

The good news is it is possible to protect yourself against crypto-clipping. If you own crypto investments, don’t ever install programs, apps or games from unknown sources, or; visit unknown sites. Absolutely do not click on content or links you don’t trust - including those shared via messaging apps on social media. If you must, use a different device for such activities. And always check the destination URL once you’ve done a copy and paste.

Be Smart(er) About Your Passwords

If you must continue to use passwords, make sure your password hygiene is excellent. A recent survey found that more than half of consumers use the same passwords across multiple accounts (meaning if a hacker is able to access one password, they are likely able to access multiple accounts). In addition, they often remain logged into accounts to avoid having to re-enter passwords, allowing your accounts to continually be hacked.

It’s best to use long, complex and unique passwords across your accounts in order to thwart hackers. Recent surveys report that compromised passwords cause 81 percent of all breaches, and the average person reuses passwords up to 14 times. Other good password hygiene practices include logging out of accounts and routinely changing passwords. While this can be tedious, these protocols are essential to protecting your investments.

While fraudsters will always attempt to find a way around the latest security measures designed to secure crypto transactions, you can substantially lower your risk by assessing the protections in place on the platforms you use for trading; understanding how your data is protected; guarding against crypto-clipping and being mindful of your social media activities. In addition, practicing a good password management regimen will go a long way toward protecting your investments. Crypto investors would be wise to take this advice to heart as would-be fraudsters will increasingly move to “follow the money.”

