Estimated Reading Time: 8 minutes 40 seconds
“Bitcoin is not currency; it’s the internet of money “- Andreas Antonopolous
Bitcoins’ popularity and adoption have rapidly increased over the years. 2020 has seen significant institutional investment in Bitcoin and all-time highs, with the price surpassing $40,000.00 in January 2021 and over $64,000.00 in April. Many retail investors have also sought this amazing asset to add to their portfolio and use it as a hedge against deflationary FIAT currencies. In some countries, people use bitcoin to survive due to hyperinflation and totalitarian control of financial systems.
With all the hype surrounding Bitcoin, bitcoin-related scams are rampant, and scammers are finding more unique ways to take your asset. Persons new to bitcoin or the cryptocurrency ecosystem are more susceptible to falling victim to schemes and losing their bitcoin.
The purpose of this article is to highlight some of the common ways you can lose your bitcoin and strategies you can use to mitigate losses.
Before we dive deeper into the rabbit hole, let us review some terminology you will encounter throughout this article.
Seed words – Also called mnemonic phrases, are usually 12 (BIP32) or 24 (BIP39) words long. Your seed words are a human-readable backup of your entire Bitcoin wallet. These words can be imported into almost any wallet software to recover every single address, private and public key the wallet can generate. Your seed words are your bitcoin; anyone with access to them has access to all your bitcoin. It would be best if you secured them.
Passphrase – An optional, additional seed word that creates an extra security level against attack if specified upon wallet creation. If you use a passphrase protected wallet, you must have your seed words and your passphrase to recover your wallet. Store your seed words and passphrase separately.
Private key – These are a long string of letters and numbers. To spend any amount of bitcoin, a user needs to prove ownership by using the private key. Any wallet you create will have a private key. This is private and should not be shared with anyone. If someone has access to your private key, they can access all your bitcoin.
TEN COMMON WAYS TO LOSE YOUR BITCOIN
1. Insecure Backups
Your seed words (mnemonic phrase) are generated when you create a software wallet and are provided when purchasing a hardware wallet such as a Ledger or Trezor. This phrase is used to restore your wallet. If you created a passphrase for a particular wallet, you would also require it in addition to your mnemonic phrase to restore your wallet. Therefore, if you store them insecurely and lose them, you will not be able to restore your wallet and have lost your bitcoin.
- If you stored your mnemonic phrase and passphrase on a sheet of paper and it gets destroyed or lost – your bitcoin is gone
- If you stored it on your phone, and your phone gets stolen, lost, or damaged – your bitcoin is lost
- If you have over-complicated the storage of these phrases and you forget it – your bitcoin is gone
Be wise and store your phrases securely, not over-complicating the method of storage. We cover several methods of storage in our Cryptocurrency 101 Course.
If something happens to you, you would want your family or a loved one to be able to access your bitcoin. Final Message is a service you should consider for inheritance planning.
2. Phishing Attacks
These types of attacks are no stranger to the world of technology and are indeed quite present in the cryptocurrency-ecosystem. Phishing attacks trick individuals into willingly giving up access to their bitcoin under false pretense, [in many instances] via their mnemonic phrase. The attacks come in various forms.
- Compromised browser plugins used for accessing cryptocurrency-related products
- Websites that look similar to exchanges or other cryptocurrency websites. Usually, the website may have a letter changed or missing in the domain or a different extension. E.g., exchange.co or exchnge.com, instead of exchange.com
- Text messages or email pretending to be from a hardware wallet manufacturer, stating that there is a problem with your account, and instructions are provided for you to log in to the website to act quickly. In these instances, the websites are malicious (See b above), and once you enter your mnemonic phrase, your wallet will be drained.
- Messaging app scams. These scams seem to be more prevalent on Telegram.
- The scammers wait for potential victims to ask a question in the group, then private message them pretending to be from ‘customer support.’
- The scammer then attempts to build a relationship under the pretense of helping rectify the issue, when they are working towards getting the potential victim to give up their seed words, send bitcoin, or provide their private keys.
Under no circumstances should you enter your mnemonic phrase into any website. This is a guaranteed way to lose your bitcoin. If you purchased a hardware wallet and need to restore it, the mnemonic phrase should be entered directly into the wallet ONLY. Be cautious and wise when using Telegram or any messaging apps where you are part of a bitcoin or cryptocurrency-related group. Treat EVERY PRIVATE MESSAGE as suspicious, especially from strangers, or persons claiming to be group admins or support.
3. Exchange Hacks
“Not your keys, not your coins!”
Remember this saying when you purchase bitcoin on an exchange and decide to leave it there. Exchange hacks happen quite often, are unpredictable, and have resulted in thousands of people losing unprecedented amounts of money without the hope of recourse. Some of them have even been inside jobs. After purchasing bitcoin on an exchange, immediately withdraw them to a non-custodial wallet. Learn more about wallets in our Wallets Course.
Here is the formula you were looking for to succeed with trading cryptocurrencies – DON’T TRADE! Trading is a highly specialized skill that takes years to develop. Most persons who claim to be trading cryptocurrencies are gambling. What is worse is getting hyped by the potential of Margin Trading, using Trading Bots, or MLM and Ponzi Schemes offering hands-free trading, and do-nothing returns. Just do not do it; the odds are not in your favour. There is a high likelihood that you will get REKT! Very few can effectively trade the market and be profitable. However, your favourite MLM Scheme, YouTuber, Twitter Guru, or Telegram Signals Group, is not the way.
5. “Free Giveaways”
One of the biggest hacks occurred on Twitter on July 15th, 2020, where 130 high-profile accounts were compromised. The hacker posted numerous tweets to these accounts’ followers, offering to double the amount of bitcoin anyone deposited to the [hackers] bitcoin address stated on the tweets. Bitcoin to a value of more than US $110,000.00 had been deposited in one account before the scammers’ messages were removed by Twitter. Anything that sounds too good to be true probably is. No one is going to send you FREE Bitcoin!
Malicious software is one of the more complex ways bad actors use to steal your bitcoin. These attacks usually occur using ransomware or compromised software downloaded from phishing websites.
Ransomware attacks usually occur using malicious attachments or weblinks embedded in emails sent to a potential target hoping that they click on the link or attachment.
These emails are usually convincing as they are structured to trick the target into believing that it is from a known sender. Once the link is clicked, or the file is downloaded, it immediately encrypts the victim’s files, computer, or network. A ransom is then requested to be paid (in bitcoin) to regain access. There is no guarantee that your files would be unencrypted after the bitcoin is sent.
Compromized software (for example, a bitcoin wallet) downloaded from a malicious website manipulates the receiver’s address when the transaction is sent to the one owned and controlled by the scammer.
Always download software from a reputable source. If the software is opensource, it should be signed by the development team. If you know how to verify the download’s signature to ensure it matches the source, do so, as it proves that the software is from the vendor you expect.
7. Sending to the Wrong Chain or Address
These errors are not native to only newbies but can occur because of negligence.
For example, sending bitcoin (BTC) to a bitcoin cash (BCH) address or sending bitcoin to an incorrect address. Either of these scenarios can result in your bitcoins being lost, or in the case of sending BTC to a BCH address, very difficult to retrieve for a non-technical user. Slow down and verify the information before sending.
8. Complex Setups
“Keep it stupid simple!”
There are several ways to store bitcoin from basic mobile wallets to complex nodes with multisig (multiple signatures) wallets. The more knowledge and experience you have, the quicker the complex becomes easy. If you are new to bitcoin you may be tempted to have the most secure setup for your assets. However, with increased security comes increased complexity. There is no need to get over complex when you are now getting started as there are several wallets you can use that are not complex. As your holdings and knowledge increase, then gradually move to more advanced setups.
9. SIM Swapping
When an attacker gets control of someone’s phone, this is called a sim swap. This is a significant issue in the United States where attackers contact mobile service providers, stating that their sim (the victims) has been compromised. Therefore the services need to be transferred to another sim (one that they control). If the attacker is successful, they use SMS authentication to access emails, banking apps, online bitcoin wallets, and any other financial application that they can steal funds.
It is strongly advisable not to use SMS authentication but instead use multifactor authentication. Never keep bitcoin in any online wallet or custodial wallet like an exchange.
Be cautious of the personal information you put online as attackers require certain information about you for these attacks to be successful. Also, ensure you enable a security lock with your mobile provider to make any changes to your account.
10. Paper Wallets
Paper wallets come with several risks as they are quite obsolete and unsafe. Read more about them here. With the emergence of more advanced, user-friendly, and secure wallets, these wallets are not recommended and should not be used. Learn more about wallets in our Wallets Course.
Our mission is to be your leading resource for learning and exploring the world of cryptocurrency, finance, and alternative investing.
Since most of our content is FREE, your support goes a long way to helping us continue providing you with value. Here are some ways you can help:
- If you enjoyed reading this article, click here to tweet to tell others about it.
- Book a call with us
- Sign up for 1 and 1 consulting
- Buy something from our shop to support our work
- Join the discussion on matrix and access many resources
Have a question? Send us a message on Session.Want to support us? Awesome!