Thursday 6 May 2021

PSA: Don't rely on SMS based 2FA to secure your exchange account


Many of us consider it common knowledge that SMS based 2FA is not secure. But as I recently found out, this knowledge is actually not all that common.

My niece bought some bitcoin on Coinbase back in mid-2017. Since then, I have advised her multiple times about properly securing her account and/or taking custody. I could see her eyes glaze over each time I brought it up. She did eventually buy a Ledger wallet, but unfortunately, she never withdrew to it. Nor did she set up app-based 2FA, or even move her bitcoin into the Coinbase vault.

You can probably guess how the story goes. Yesterday she called me, told me that her bitcoin had been withdrawn from her account, and asked how to get it back. Turns out, she had been SIM swapped; the hacker used SMS to reset her Coinbase password and withdraw her bitcoin, and was attempting to transfer more money from her bank account to buy more.

Please, don't be like my niece. It's painful to see. If you insist on keeping your bitcoin on an exchange, at the very least, set up 2FA with Google Authenticator, Authy, or some other 2FA app (I use AndOTP). If your exchange has a cold storage vault, use it.

Even better, take a little time to learn and understand how to safely take custody of your bitcoin with a reputable hardware wallet.

via /r/Bitcoin https://bit.ly/3upcsMF
