At BTC Markets we believe cybercrime prevention can be easy to prevent. Most attacks can be avoided with common sense and a little technical knowledge. Online criminals are often trying to make their money as quickly and easily as possible. The more difficult you make it for them, the more likely they will move on to an easier target. The tips below will assist you in protecting yourself and your identity online.
Regularly update computer software
One of the best ways to keep attackers away from your computer is to apply patches and other software fixes on a regular basis. By regularly updating your computer, you help prevent attackers from being able to take advantage of vulnerabilities in the software that they could otherwise use to break into your system.
Choose strong passwords and keeping them safe
Avoid using easy-to-guess passwords or passwords based on your personal information such as your last name or login name. Use a mixture of lower- and uppercase letters as well as numbers. Select especially strong, unique passwords for protecting activities like online banking. BTC Markets recommends using a password safe with generated passwords.
Protect your personal information
Exercise caution when sharing personal information such as your name, home address, phone number, and email address online. Attackers will attempt to get your information in many ways.
If you are not sure about a link or a file attachment in an email, don't follow the link or download it, just simply delete it. It could be malware that once executed can allow attackers to access the data on your machine remotely.
Poorly worded emails
Things that indicate a message may be fraudulent are misspellings, poor grammar, odd phrasings, website addresses with strange extensions or entirely numbers where there are normally words, and anything else out of the ordinary. Additionally, phishing messages will often tell you that you have to act quickly to keep your account open, update your security, or urge you to provide information immediately or else something bad will happen. Don't take the bait.
Guard your email address
Spammers and phishers sometimes send millions of messages to email addresses that may or may not exist in hopes of finding a potential victim. Responding to these messages or even downloading images ensures you will be added to their lists for more of the same messages in the future. Also be careful when posting your email address online in newsgroups, blogs or online communities. Pay attention to privacy policies on websites and in software. It is important to understand how an organisation might collect and use your personal information before you share it with them.
Use two-factor authentication
BTC Markets and many other websites support two-factor authentication. Utilise it where possible. If you do manage to leak your online credentials the attacker will not be able to steal your personal information (or Bitcoins) if they do not physically have access to your phone at the same time.
Online offers too good to be true
The old saying "there's no such thing as a free lunch" still rings true today. Supposedly "free" software such as screensavers or smileys, secret investment tricks sure to make you untold fortunes, and contests that you've surprisingly won without entering are the enticing hooks used by companies to grab your attention.
While you may not directly pay for the software or service with money, the free software or service you asked for may have been bundled with advertising software ("adware") that tracks your behaviour and displays unwanted advertisements. You may have to divulge personal information or purchase something else in order to claim your supposed contest winnings. If an offer looks so good it's hard to believe, ask for someone else's opinion, read the fine print, or even better, simply ignore it.
Review bank and credit card statements regularly
The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted. One of the easiest ways to get the tip-off that something has gone wrong is by reviewing the monthly statements provided by your bank and credit card companies for anything out of the ordinary.
Additionally, many banks and services use fraud-prevention systems that call out unusual purchasing behaviour (e.g., if you live in Sydney and all of a sudden start buying goods in Russia). In order to confirm these out-of-the-ordinary purchases, they might call you and ask you to confirm them. Don't take these calls lightly—this is your hint that something bad may have happened and you should consider pursuing the activities described in the area covering how to respond if you have become a victim.
Know the recipient before sending funds
Only transfer funds to trusted recipients. Bitcoin transactions are irreversible. Before transferring funds from BTC Markets, always double-check you have the correct destination BTC address.
Watch out for ransomware
Ransomware (such as CryptoLocker) is usually propagated via infected email attachments in the form of an executable file. Once activated, the malware encrypts certain types of files stored on local and mounted network drives using cryptography. The private key is required to decrypt the data but this will only be provided if a payment (through either Bitcoin or a pre-paid cash voucher) is made by a stated deadline.
How do I defend against ransomware?
The best defence against ransomware is preventing infection in the first place. Take precautionary steps, such as backing up your data so you can restore to a last known uninfected state. CryptoLocker has been known to target Remote Desktop Protocol (RDP), so disable RDP if you are not using it. Never open an executable (.exe, .bat, .vbs, etc.) and filter for such files to prevent receiving emails that may be harmful. You can create rules within Windows or with Intrusion Prevention Software to disallow a particular, notable behaviour used by Ransomware, which is to run its executable from the App Data or Local App Data folders. If (for some reason) you have legitimate software that you know is set to run not from the usual program files area but the App Data area, you will need to exclude it from this rule.
Use of our services for illegal activities
BTC Markets is committed to reducing and preventing crime by reporting any issues or suspicious activity to the appropriate authorities. BTC Markets prohibits the use of our services for illegal activities including paying ransoms for ransomware or any other illicit activities. The addresses used to send bitcoins on our service are public information and each transaction is recorded for future traceability.
Below are some useful resources about protecting yourself online:
If you or someone you know has been a victim of cybercrime, please help by reporting it to ACORN at http://www.acorn.gov.au/.
For more information about any of the topics mentioned above, feel free to contact support.