Let’s say you want to log into your bank account. You type the URL in your browser, only you make a simple typo. Instead of an error page, however, you get a page that looks just like the bank login page you expect – it’s even TLS-secured. So you attempt to log in, only to get an error message.
Meanwhile, a hacker has just stolen your credentials via what we call ‘typosquatting.’ They log into the real bank site as you…and then what?
In the case of banks, there are safeguards against illicit logins. Even if the bad guy is able to transfer money out of your account, the bank is likely to catch the hack. There’s even a good chance you’ll get your money back – even before the police are called.
With crypto exchanges, in contrast, there are no such protections. Just this week, the UK and Netherlands police along with Europol and other crimefighting organizations shut down a typosquatting crime ring that had made off with €24 million in crypto (about $27 million).
4,000 victims in 12 countries had succumbed to the simple typo-based attack. Perhaps you were one of them.
In this particular case, victims might eventually get some of their money back, since the police shut down the operation – or maybe not.
But no one was minding the store. Crypto exchanges, in fact, cannot protect crypto owners from such attacks, due to the distributed nature of crypto. One simple typo may flush all your hard-earned crypto down the toilet, never to be seen again.
I’ll keep my money in a bank, thank you very much!
None of the organizations mentioned in this article are Intellyx customers. Jason Bloomberg neither owns, nor plans to own, any cryptocurrency or other cryptotoken, either long or short.