Why phishing crypto seed scams work: If you're reading this you're basically not the target audience. by jonklinger

<html>

<p><a href="https://steemit.com/death/@jonklinger/be-prepared-how-to-manage-your-digital-assets-when-you-re-gone">A post on reddit</a> prompted me to explain this. TL;DR: some random person&#x27;s bitcoins and ethers were stolen; he says he &quot;never&quot; provided his seed (I&#x27;ll explain later) to anyone and that he is not a victim of phishing. After a few comments, the truth comes out: he downloaded a fake app that asked him to enter his seed, the seed was sent to the attackers, and all hope is gone.</p>
<p>So, how did this happen? For this to happen, several failures had to occur. The first is the seed. Now, what is a seed? A seed is a 24-word passphrase that is basically a backup of your bitcoin wallet. I <a href="https://steemit.com/death/@jonklinger/be-prepared-how-to-manage-your-digital-assets-when-you-re-gone">wrote about it</a> when explaining how to back up your wallet. <a href="https://iancoleman.io/bip39/">BIP-39</a> introduced an improvement to the bitcoin protocol: each wallet has an &quot;easy to store&quot; seed, comprising 24 words, that generates the private key. These words should be kept safe in storage and only used to restore the wallet. I use <a href="https://cryptosteel.com/product/cryptosteel/">cryptosteel</a> (not an affiliate link) to back up my seed.</p>
<p>Now, the first thing a hardware wallet tells you is never to put this seed on a computer. It should always be typed into the hardware wallet itself (<a href="https://wiki.trezor.io/User_manual:Advanced_recovery">there&#x27;s something a bit different on Trezor One</a>). This is the first rule of recovering a wallet: never, but never, I mean <strong>never</strong> type your seed on a PC.</p>
<p>So, the poor chap who had his coins stolen broke this rule. Why did he break it? Because he saw an error message that said &quot;please restore your wallet&quot;. This is one of the reasons you always need to question authority. Even when software prompts for a password, you need to stop and think about what you&#x27;re doing. Is this the right site or app? Why is it asking for this?</p>
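As an added example (not code from the original post or from any wallet vendor), here are the BIP-39 mechanics the paragraph above describes, in Python: entropy becomes checksummed 11-bit word indices, a typed-in phrase is checked against that checksum, and the words are stretched into the 64-byte seed from which the wallet derives its private keys. Word indices stand in for words because the 2048-word English list is not embedded; the test vector phrase (all-zero entropy) is constructed inline.

```python
import hashlib
import unicodedata

# Added example, not code from the original post or from any wallet vendor:
# the BIP-39 mechanics behind a "24-word seed". Word indices are returned
# instead of words because the 2048-word English list is not embedded here
# (index 0 is "abandon", 3 is "about", 102 is "art").

ENTROPY_BYTES = (16, 20, 24, 28, 32)   # 128..256 bits -> 12..24 words

def mnemonic_indices(entropy: bytes) -> list:
    """Entropy -> list of 11-bit word indices (entropy bits + checksum bits)."""
    if len(entropy) not in ENTROPY_BYTES:
        raise ValueError("entropy must be 128..256 bits in 32-bit steps")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32                       # 4 bits for 12 words, 8 for 24
    # Checksum = first cs_bits of SHA-256(entropy), appended to the entropy.
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]

def checksum_ok(indices: list) -> bool:
    """True only if the trailing checksum bits match the entropy they follow.

    This is the check a wallet runs on a typed-in recovery phrase: a single
    wrong word is caught, but a correct phrase typed into a phishing app is
    of course accepted just as readily.
    """
    n = len(indices)
    if n not in (12, 15, 18, 21, 24) or any(not 0 <= i < 2048 for i in indices):
        return False
    total = n * 11
    cs_bits = total // 33
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    entropy = (bits >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    return mnemonic_indices(entropy) == indices

def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Mnemonic words -> 64-byte wallet seed (PBKDF2-HMAC-SHA512, 2048 rounds).

    Everything the wallet derives (master key, every address) comes from this
    seed, which is why handing the words to an attacker is a total loss.
    """
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)

if __name__ == "__main__":
    # Constructed demo input: all-zero entropy, the classic BIP-39 test vector.
    idx = mnemonic_indices(bytes(32))
    print(idx, checksum_ok(idx), checksum_ok(idx[:-1] + [idx[-1] + 1]))
    phrase = " ".join(["abandon"] * 11 + ["about"])
    print(mnemonic_to_seed(phrase, "TREZOR").hex())
```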
<p><img src="https://steemitimages.com/640x0/https://cdn.steemitimages.com/DQmPYmeiKHApvKQ3htUkAcbB4GabMggN8kw9JrwdBMJQZ7w/image.png" alt="image.png"/></p>
<p>I&#x27;ve just finished Ira Winkler&#x27;s &quot;<a href="https://www.amazon.com/gp/product/B08JSB5CHG">You CAN stop stupid</a>&quot;, a book about security, cybersecurity and the human factor. Ira keeps repeating that a large percentage of people fall for phishing scams no matter what we do (<a href="https://www.computerweekly.com/news/252476845/A-quarter-of-users-will-fall-for-basic-phishing-attacks">and he&#x27;s right</a>).</p>
<p><strong>So, if we know that the vector is to make people type their seed into a PC, we know what we need to stop</strong>. When the first hardware wallets were designed, their makers envisioned several attack vectors and built in safeguards against them. The first was a <strong>man in the middle</strong> attack: someone gains control over the PC (or phone; when I say PC I mean the device that is connected to the network) or over the network connection, and then, when I try to send my coins, sends the hardware wallet a different transaction. This is why these wallets use double verification. When you send a transaction (or receive one, by the way), you&#x27;re prompted twice, once on your PC and once on the device, and you need to verify the transaction.</p>
<p>The second vector was a <strong>keylogger</strong>, meaning someone has a listening device on your PC. This was neutralized by doing all the important things on the hardware wallet itself: the PIN is entered there, the seed is entered there, and the transaction must be verified there. This means that even if someone has control over your PC, they can&#x27;t take your coins without pushing the actual buttons on the hardware wallet.</p>
<p>But the fact is that even such a good device still has the STUPID vector: people giving away their seed backup. The seed is the central point of failure: if it gets lost, you lose access to your coins; if it gets stolen, you lose access to your coins; if someone corrupts your seed, you lose access to your coins.</p>
<p>Now, add to this that Ledger, one of the major players in the hardware wallet industry, <a href="https://www.investopedia.com/hackers-leak-customer-info-from-crypto-wallet-ledger-5093577">suffered a severe hack</a> that exposed email addresses. This means that if you were on that list, you most likely receive a dozen phishing emails per day. This is how they operate.</p>
<p>First, you receive a message meant to scare you: there is something wrong with your device; please log in.</p>
<p><img src="https://steemitimages.com/640x0/https://cdn.steemitimages.com/DQmegPxpV1KN5rAZ5e8gi5pG8XW3k9nTfWj2yMCpGoD9Z9a/image.png" alt="image.png"/></p>
<p>Then, when you click the link, you are taken to a page where fake software is downloaded.</p>
<p>So what do you have to do to protect your seed better? The first thing is a backup; this mitigates the risk of losing your seed. The new Trezor wallets have a <a href="https://trezor.io/shamir/">Shamir Backup</a> that provides excellent protection and recovery. The second is doing something to avoid ever having the seed typed into any PC.</p>
<p>But you also want to mitigate the risk of people entering their seed on a computer. To do this, you need to make sure it would be extremely difficult to enter the seed on a PC, while extremely easy to do so on a hardware wallet.</p>
<p><strong>The BIP-39 mnemonic is extremely easy to type on a PC compared to a recovery on a hardware wallet</strong>. If we want to move from there to a new implementation, we need to use non-standard characters that are unique to the hardware wallet. Something like the <a href="https://omniglot.com/conscripts/klingon.htm">Klingon alphabet</a> or <a href="https://en.wikipedia.org/wiki/Ugaritic">Ugaritic</a>. These do theoretically exist on a PC, but if some phishing software requested the 24-word seed, a person typing it would first need to install a Ugaritic keyboard.</p>
<p>In this case, if we&#x27;re a hardware wallet company, we can buy ads on Google search for &quot;Ugaritic keyboard&quot;, saying something like &quot;did some software ask for your 24-word seed and you&#x27;re looking for a Ugaritic keyboard? You&#x27;re being scammed&quot;.</p>
<p>Adding this stage would increase security.</p>
<p>Now, the problem is that the 24-word vector is the most used one, and the one most people fall for. It has grown because the recent hack of the Ledger database enabled targeted phishing scams. So to mitigate this, you need to reduce both the motivation and the ability of hackers to target people. Google is doing a great job of identifying phishing emails, but that&#x27;s not good enough. Some people still fall for this scam.</p>
<p>We, as a community, need to explain to people again how important the 24-word seed is; but we still need to understand that people will fall for this scam.</p>
</html>
Posted 2021-02-27 11:36:33 (last updated 2021-02-27 13:48:15). Tags: ledger, hardware-wallet, trezor, scam, phishing. 12 replies.
@acidyo · 2021-02-27 11:56:06
lol, love the title
@adysscheryl · 2021-02-27 22:21:09
I'm a little old; what is a seed, your seed, etc.? But I kind of read through this and reblogged it.
@alt-runner · 2021-02-27 12:12:21
Always, always check for anything that asks for our seed.
In case of receiving an email about wallet trouble, I will usually wait for an official announcement on their social channel. But yeah, some fall for it for some reason.
@antisocialist · 2021-03-01 01:52:21
Nothing personal, just tired of watching folks ostensibly opposed to each other's approach to Hive team up to increase their curation rewards.
@antonireviewer · 2021-02-28 16:24:45
This has motivated me to be a whole lot more vigilant as a content creator.
@davidmuhammad · 2021-02-28 17:21:03
Very useful.
@hivebuzz · 2021-02-27 14:03:15
Congratulations @jonklinger! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s):

You received more than 1000 upvotes. Your next target is to reach 1250 upvotes.
You got more than 50 replies. Your next target is to reach 100 replies.
@manniman · 2021-02-27 13:09:42
Pretty well explained, nice job.
@jonklinger · 2021-02-27 13:47:45
thanks!
@beerlover · 2021-02-27 15:03:09
Hey @jonklinger, here is a little bit of BEER from @manniman for you. Enjoy it!
@manniman · 2021-02-27 15:02:00
You're welcome !BEER CHEERS 🍻
@poshbot · 2021-02-27 11:39:57
https://twitter.com/jonklinger/status/1365627704360521730