Despite the common belief among cryptocurrency enthusiasts that centralized exchanges (CEXs) offer enhanced security, history has often revealed vulnerabilities that make them susceptible to attacks.
Because CEXs consolidate the storage of users’ assets, they can become appealing targets for cybercriminals. If an exchange’s security protocols are inadequate or compromised, user assets may be stolen or lost.
Another risk associated with centralized exchanges is the potential for fraud or mismanagement by their operators. Since CEXs have a single point of control, they are more prone to insider fraud or other misconduct, which can lead to financial losses or other adverse outcomes for users.
Over the past year, high-profile collapses of centralized cryptocurrency platforms like FTX and Celsius have led more users to consider self-custody for managing their digital assets. The risky financial practices and alleged fraud at some CEXs have caused many to lose trust in these platforms as safe storage solutions for cryptocurrency.
Understanding Self-Custody and Its Risks
Self-custody allows users to manage and control their cryptocurrency without relying on a third-party intermediary, such as an exchange. This approach gives users greater control over their assets and can enhance security. However, self-custody also carries its own risks, especially when it comes to scams.
Types of Scams and How to Avoid Them
To shed light on the risks linked to self-custody and provide guidance on protection against scams, TONEX.GG consulted Alice Boucher of Chainabuse — a multichain community platform for reporting fraudulent crypto transactions.
One type of scam designed to exploit crypto users is known as “pig butchering.”
“A pig butchering scam occurs when the scammer stays in close contact with the victim, building a relationship and ‘fattening them up’ with affection over time to convince them to invest in fake projects,” Boucher explains. She continues:
“The scammer’s goal is to extract as much money as possible from the victim, often by using fake investment websites showing large fake profits and social engineering tactics, such as intimidation, to extract additional funds.”
Social engineering involves psychological manipulation, exploiting human trust and curiosity.
Cybercriminals targeting cryptocurrency frequently aim to steal self-custody assets by taking over high-profile accounts. “Between May and August 2023, social media account takeovers on platforms like Twitter, Discord, and Telegram have created chaos. Scammers post malicious nonfungible token (NFT) phishing links during these attacks, compromising high-profile accounts,” Boucher says.
Once attackers gain access to a high-profile account, they use it to send phishing messages and other malicious communications, attempting to trick followers into sharing private keys, login credentials, or other sensitive data.
The goal is to access victims' self-custody assets and steal the cryptocurrency they hold.
Followers of compromised accounts may be deceived into clicking on malicious links that can drain tokens from their wallets. These scams also frequently involve fake trading platforms, where users deposit funds only to find their investments irretrievable. Boucher notes:
“The volume of scams, hacks, blackmail, and other fraudulent activities has grown exponentially in recent years. Many fake platforms resemble Ponzi schemes or payout scams, characterized by fake returns, referral incentives that mimic pyramid schemes, or the impersonation of legitimate trading platforms.”
Scammers utilizing phishing tactics may trick users into signing smart contracts that drain assets without consent. A smart contract is a self-executing code-based agreement between parties, directly embedded with terms.
When the contract contains malicious elements, such as permissions that allow the creator to seize tokens, users can lose their cryptocurrency without realizing it until it’s too late.
TONEX.GG: Empowering You with Security and Knowledge
At TONEX.GG, we are committed to helping our users navigate the world of cryptocurrency securely and responsibly. Our platform prioritizes the safety of your assets through robust security measures, educational resources, and a user-centered design that makes trading easier and more transparent. Join us today to take charge of your trading journey and trade with confidence.
