What Is Cryptocurrency, & How Risky Is Investing in It

Many People Have Heard of It but Don’t Really Know How It Works

The crypto craze is an investment trend that’s grown in popularity the last decade. Many people seem to think it’s a quick way to get rich, but the Federal Trade Commission (FTC) found cryptocurrency accounted for the second highest scam losses in 2021.

So, What is It?

Cryptocurrency is a volatile digital payment system which does not rely on banks to verify transactions. Instead, it uses blockchain technology and does not exist in a physical form. It’s not regulated by any particular institution, like government or banks.

There is a big difference between the cryptocurrency and traditional currency. It’s not insured by a government like U.S. dollars deposited into an FDIC insured bank account. If your cryptocurrency account is ever compromised, the government has no obligation to help get your money back.

 

Why Is Cryptocurrency So Popular?

Many people relate the digital coin world to a precious commodity with a limited quantity, like gold. There are only so many coins available. The most popular versions are Bitcoin and Ethereum, but there are more than 19,000 different cryptocurrencies.

 

Investment or Gamble?

Like any investment, cryptocurrency can be risky. Some people, including well-known investors, consider it more of a gamble. If you plan to get into this form of currency, it’s recommended to have your finances in order. Don’t invest more than you can afford to lose. As you would for any investment, understand exactly what you’re investing in and start small.

 

Protect Yourself and Accounts

Guard your wallet. Just like your physical wallet, your cryptocurrency wallet security is essential. Lose the key and you could lose your funds permanently.

Use multi-factor authentication. It increases security because if even one credential becomes compromised, unauthorized users may be unable to meet the second authentication requirement.

Utilize a virtual private network (VPN). It protects you as your computers data traffic is routed through an encrypted virtual tunnel. A VPN is highly encouraged for cryptocurrency trades, purchases and payments.

Avoid Falling For Scams

A 2022 Better Business Bureau (BBB) study found cryptocurrency created a fertile environment for scams resulting in financial loss. BBB Scam Tracker data show that social media is the most common place victims find cryptocurrency scams. The FTC reports that 25% of all scams in 2021 began on social media.

Do not believe there are guaranteed returns. No one can ensure how an investment will perform.

Only scammers demand payment in cryptocurrency. No legit business will demand you to send crypto payment in advance.

 

If You’re a Victim, Report It.

Law enforcement agencies have pursued cases involving large cryptocurrency losses. Before an investigation can take place, victims need to report complaints and scams to help protect other people from falling victim.

Here is a list of where reports should be filed, click the name to file an online.

 

Take Precautions

The best defense is prevention. The tips below, while not all-inclusive, can help protect your business and personal devices from attack:

  • Install the Russian keyboard option in your Windows system – Some Russian malware gangs program their malware to check for the presence of Russian (or other Cyrillic) keyboards on the system. If they find it, they may not attack that system. While not a guarantee, this is a simple step you can take, for free, that will not impede your use of your system in any way:
    • Hit the Windows button and “X” at the same time
    • Select “Settings” then “Time and Language” then “Language”
    • Scroll to the Russian or other Cyrillic option.
    • Pick one, then reboot.
  • Maintain offline, encrypted backups of data, including system images and configurations. Test your backup data and files regularly — after all, there’s no need to pay ransom for data that’s accessible via backup.
  • Install software updates and patches as soon as possible.
  • Ensure that antivirus and anti-malware software is set to automatically scan and update.
  • Establish basic security practices and policies for employees, including strong passwords and multifactor authentication.
  • Educate employees on social engineering and phishing, including how to spot red flags and report suspicious activity.
  • Restrict internet access. Use a proxy server for Internet access, and implement ad-blocking software. Restrict access to common ransomware entry points, such as social networking websites.
  • Use a secure email gateway/system to detect and block malicious emails, flagging external emails to alert employees of potential spoofing.
  • Block all unauthorized software from executing on all devices and servers.
  • Conduct regular vulnerability scanning and perform penetration testing to find and patch vulnerabilities.
  • Apply a policy of “least privilege” to all systems and services; users can only access required platforms.
  • Monitor your server, network and backup systems to detect unusual file access activities and network activity.
  • Implement Domain-based Message Authentication, Reporting and Conformance (DMARC) policy and verification to lower risk of spoofed or modified emails from valid domains.

Methods of Attack

Attackers have many methods of delivering malware, including:

  • Phishing emails:
    An email recipient opens a malicious attachment or clicks on a compromised link.
  • Drive-by download:
    A compromised website downloads malware onto your device without your knowledge.
  • Strategic attacks: These attacks target software vulnerabilities.
  • Remote desktop protocol compromise: A user logs on to a computer remotely, and hackers use brute force methods and credentials which they purchased on the dark web.

Responding to an Attack

If you ever experience a ransomware attack, don’t panic, take these steps:

  • Disconnect the infected system from the network to contain the spread.
  • Determine if a decryption key may be available; other organizations may have investigated similar malware.
  • Restore files from regularly maintained backups.
  • Notify your financial institution, customers and third parties that might have been affected by the attack.
  • Contact a cybersecurity expert or consulting firm
  • Reporting the attack! Contact a local Federal Bureau of Investigation (FBI) Field Office and/or file a complaint the FBI’s Internet Crime Complaint Center.