While back-end security remains the primary defensive barrier protecting from malicious attempts against cryptocurrency funds, it is crucial that investors take steps to protect themselves from phishing scams and other attacks aimed at exploiting human error. To this end, Cobo Wallet has released an anti-phishing function which enables our users to activate an additional layer of security.
What is a Phishing Attack?
Phishing is a social engineering attack where a malicious actor attempts to obtain sensitive information such as usernames, passwords, or 2-FA codes, by disguising themselves as a trusted party through a seemingly legitimate electronic communication. This is often achieved through email spoofing, fraudulent websites and links, fake social media accounts, and chats impersonating as support teams.
These attacks rely on the notion that people are simultaneously the strongest and weakest link in a security system. Hence, rather than attempting to break through a strong defensive barrier, phishers seek to achieve their aims by piggybacking off of human error. As a result, it’s important to remain vigilant when reviewing your electronic communications, even if the message is from a seemingly trustworthy source. Common red flags include
- A message containing subtle spelling mistakes, strange syntax, or irregular phrasing
- A message sent from a derivative or misspelled domain name (ex: www.cobo-wallet.com, www.ccobo.com, etc.)
- An email asking you not to reply (an email spoofer will not receive the emails, it will go through to us
- Messages pressuring you into some sort of immediate action by creating a sense of urgency. (ex: an email threatening account expiration and asking for immediate user credential verification)
What is an Anti-Phishing Code?
An Anti-Phishing Code is a security feature that grants users an extra layer of account safety. Once a user has enabled their anti-phishing code, it will be embedded in all authentic emails sent from the trusted party. This code will help users differentiate between real emails from phishing scams, thereby keeping their user credentials and funds safe
How Does Cobo’s Anti-Phishing Code Work?
In order to set up your anti-phishing code, start off by tapping the ‘Me’ tab. From there, you will see the ‘Security’ page, and find ‘Anti-phishing code’ . Since this is a new feature it is automatically disabled, but you can simply click it in order to enable it.
You will now be prompted to enter your Anti-Phishing Code of choice. The code must be between 4–20 alphanumeric characters, and we advise you to choose a code that is reasonably complex and distinct from your other active codes/passwords on Cobo and others.
After you’ve submitted your new anti-phishing code, Cobo will email you a verification code to the address linked to your account. Once you’ve entered the verification code into the prompt, you will have successfully created your new anti-phishing code. From here on out, every legitimate email you receive from Cobo will contain the code that you have set.
If you ever decide to change your anti-phishing code, simply return to the security tab and repeating the above steps.
While it may seem superfluous to activate so many separate layers of defense, it’s important that crypto enthusiasts stay as safe as possible in the face of increasingly frequent and sophisticated attacks. As a result, we encourage our readers to enable additional security features such as Cobo’s anti-phishing code, as well as any similar options on other frequented crypto/wealth management platforms. And as always, stay mindful regarding all aspects of your digital life and be sure to regularly update your operating system, web browsers and antivirus software.