Binance CEO Changpeng “CZ” Zhao is the latest figure in the cryptocurrency industry to warn against the increasing number of phishing attacks.
CZ took to Twitter on July 21 to warn his readers about phishing and other social engineering scams. He also recommended cryptocurrency exchange users rely on hardware devices for two-factor authentication (2FA), instead of using mobile carrier-based 2FA for example.
“Best to enable 2FA with a hardware device (Yubikey) on all crypto exchanges,” Binance CEO wrote.
Zhao’s warning came shortly after Uniswap founder Hayden Adams had his Twitter account compromised on July 20. After taking over Adams’ account, the attacker attempted to scam his followers through a malicious link posted on his page. Members of Crypto Twitter have quickly identified and warned others against the scam.
Adams subsequently restored access to his account in a matter of hours. He also promised to follow up with updates when ready.
The amount of social engineering attacks in the cryptocurrency industry has been rising recently.
In early July, LayerZero CEO Bryan Pellegrino became a victim of a SIM swap attack, which allowed hackers to take over his Twitter briefly. The exec suggested that the attackers used his speaker badge at the Collision conference, which he happened to put in the trash.
According to blockchain security experts, the trend of social engineering hacks like SIM swap attacks could be rising in the near future.
According to SlowMist chief information security officer “23pds,” SIM swapping also doesn’t require high-level technical skills. After Uniswap’s Adams reported he was back on Twitter, 23pds also referred to Cointelegraph’s recent coverage of SIM swap hacks.
“I was just doing an interview last week about the current state of sim swap hijacking, and I didn’t realize there were several attacks so soon,” he wrote. In the article, 23pds and other cybersecurity experts provided some methods to prevent social engineering hacks like phishing as well.
— 23pds (@IM_23pds) July 21, 2023
Among many others, one core protection measure recommended to take against a SIM swap hack is restricting the usage of SIM card-based methods for 2FA verification. Instead of relying on methods like SMS, one should better use apps like Google Authenticator or Authy.