On Sep 8, 2022, we hosted a cybersecurity AMA via Telegram to address some concerns and questions regarding Bybit’s platform security, along with common safety threats our users face. Heading the program was none other than Wei Cai from the Bybit security team, who provided plenty of insight on the topic.
Here’s a quick recap of the AMA’s questions and answers, edited for brevity and clarity.
Wei Cai: Hi all, I’m Wei Cai from the Bybit security team. I’ve been in the cybersecurity field for ten years, and currently handle security awareness training in Bybit. Happy to be here to share security tips with our Bybit community!
We’ve collated a series of questions to help you understand common cyber threats, practice cyber hygiene to help you protect against cyber attacks, as well as useful Bybit account security settings that can strengthen your account.
What are the common cybersecurity threats faced by Bybit users?
Phishing is the most common threat. We see users reporting that they accidentally clicked on a phishing link, which is a form of social engineering attack. In fact, based on statistics from PurpleSec, cybercriminals use social engineering in 98% of attacks because it’s easy to deploy and can trick the victim into sharing their personal information, opening infectious files, or giving them access to restricted data.
Following that would be poor cyber hygiene. We often see users practice poor cyber hygiene (e.g., visiting websites that are not secure, downloading suspicious free software, and using weak passwords), which could lead to their personal devices becoming infected by malware. This would eventually result in their crypto or banking accounts being compromised.
Did you know that weak password practices are exploited in 81% of cyber attacks worldwide?
What are some social engineering attacks that I should be concerned about?
There are many types of social engineering attacks and new tactics are created almost every day. Let me share two of the most common — I’m sure some of you might have encountered at least one of them.
The first and most basic would be phishing, whereby attackers send messages pretending to be a legitimate person or entity, attempting to trick victims into clicking on a malicious link or revealing sensitive information. These messages are usually sent to a large group of people in the hope of someone falling for it.
Next would be spear-phishing, which requires a bit more effort. Attackers will target a specific group of people such as a Telegram community, sending well-crafted messages (e.g. pretending to be an admin offering help, or baiting you with gifts) to gain your trust. They will then trick you into clicking a link or providing sensitive information to feed their real motive.
Recently, we’ve even seen attackers creating fake captcha bots to trick new Discord users into verifying their identity via MetaMask.
At Bybit, we’re always sharing security reminders and tips to ensure our users don't fall prey to such phishing. So, do keep a lookout for the latest security tips!
As a Bybit user, how do I identify and protect myself against phishing attacks?
That’s a very good question! Here’s an example of a phishing email with tell-tale signs. Can you spot them?
Look out for typos: There are typos in the sender’s address
Look out for urgent requests or immediate deadlines: There is an attempt to bait you with rewards and urgent language such as "last day"
Double check the link: The link is unofficial — always check links before clicking them
Asking for account info: The email is asking for your login info, which is highly suspicious
Attachments or links: Always check attachments before clicking on them (e.g., the “.exe” file extension could trigger the download of a malicious program)
Sensitive information requests: Bybit will never contact you to ask for sensitive information such as account credentials and 2FA.
If you’re still unsure, simply reach out to our friendly Bybit support team!
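As an added illustration (not part of the AMA or Bybit's own tooling), the checklist above can be turned into a small Python checker run over a constructed sample message; it assumes bybit.com is the only official sender and link domain, and the sender address, URL and wording in the sample are made up to show each tell-tale sign.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: bybit.com is the only legitimate sender and link domain.
OFFICIAL_DOMAIN = "bybit.com"
URGENCY_WORDS = ("last day", "urgent", "immediately", "within 24 hours")
CREDENTIAL_WORDS = ("password", "2fa", "login info", "verification code")
RISKY_EXTENSIONS = (".exe", ".scr", ".bat")

# Constructed sample showing the tell-tale signs listed in the answer above.
SAMPLE_EMAIL = """\
From: Bybit Rewards <rewards@bybit-securre.com>
Subject: LAST DAY to claim your reward
Content-Type: text/plain

Log in now at http://bybit-securre.com/login and confirm your password
and 2FA code to receive your bonus. Attached: reward.exe
"""

def domain_of(address_or_url: str) -> str:
    """Return the lowercase host of an email address or URL."""
    host = address_or_url.split("@")[-1]      # user@host -> host
    host = re.sub(r"^https?://", "", host)    # drop a URL scheme
    return host.split("/")[0].lower()

def is_official(host: str) -> bool:
    """True only for the official domain or a subdomain of it (a lookalike
    such as bybit.com.evil.net or bybit-securre.com fails this test)."""
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def phishing_indicators(raw_email: str) -> list[str]:
    """Apply the checklist to one message and return every sign found."""
    msg = message_from_string(raw_email)
    body = msg.get_payload(decode=True).decode(errors="replace")
    text = f"{msg.get('Subject', '')}\n{body}".lower()
    found = []
    sender = domain_of(parseaddr(msg.get("From", ""))[1])
    if not is_official(sender):
        found.append(f"sender domain not official: {sender}")
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        if not is_official(domain_of(url)):
            found.append(f"unofficial link: {url}")
    if any(w in text for w in URGENCY_WORDS):
        found.append("urgent language or deadline")
    if any(w in text for w in CREDENTIAL_WORDS):
        found.append("asks for credentials or 2FA")
    found += [f"risky attachment type: {e}" for e in RISKY_EXTENSIONS if e in text]
    return found
```

The domain check deliberately compares the whole host rather than searching for the brand name, so that lookalikes such as bybit.com.evil.net are still reported.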
I’ve heard about the loss of crypto funds via phishing attacks. How does this work?
Hackers buy stolen credentials (e.g., email addresses or mobile numbers) from the dark web or exploit other companies' systems such as social media to gain access to the victims’ personal info.
Next, they send phishing messages to the victims, hoping they click on a malicious link. They may also drop lures via social media channels, posing as customer support personnel or impersonating the social media accounts of trading platform CEOs.
Once victims click on the link, they will be redirected to a fake trading platform website and asked to enter their credentials and 2FA to reactivate their account. In reality, their account credentials and 2FA are being recorded. The attacker then uses this information to log into the victims’ actual accounts, where they gain access to any funds that come with it.
At Bybit, we strongly recommend users to be cautious about publishing personal information on social media. Click here to view our full list of official Bybit social media channels.
What are the top security tips for crypto traders?
Use strong, unique passwords. It’s highly recommended to use a password that’s at least eight characters long, containing at least one uppercase letter, one lowercase letter, one special character, and one number. We also strongly discourage reusing passwords previously utilized for other websites.
Use MFA authentication to have an extra layer of protection for your account.
Set a passcode on your device to decrease the likelihood of malicious actors obtaining your valuable information.
Use secure Wi-Fi. Public Wi-Fi can be risky, as cybercriminals often eavesdrop on your browsing to sniff out sensitive information such as usernames, passwords and phone numbers.
Regularly install, maintain, and update your antivirus software.
Never install unknown apps/software.
Do not reveal your personal and sensitive information.
Distrust everything. Look out for potential social engineering attacks.
Be extra careful when clicking on links or attachments from suspicious senders.
We also have a Bybit Learn page with plenty of articles, security guides, and information on trading cryptocurrency. Check it out here.
How can I be sure that the emails I receive are really from Bybit?
At Bybit, we have many tools available to improve our user experience. In this case, it’s our Bybit Authenticity Check!
Simply key in the telephone number, email address or URL that you would like to check, and our system will return a result. Try it for yourself when you’ve got the time!
What can I do to protect my Bybit account and funds against cyber threats?
We’re constantly strengthening our platform security so that all users feel safe on Bybit. Here are some features that I would strongly encourage you to enable:
1. 2FA Authentication
This can be done via the Google Authenticator mobile app, a one-time password sent to your mobile device via SMS, or even hardware tokens.
When used with your existing mobile security features such as fingerprint, iris and/or facial scan, it provides an extra layer of protection compared with simply authenticating via your computer itself — preventing remote hackers and persons with physical access to your computer from directly bypassing every layer.
At Bybit, users can bind their account with Google Authenticator. The best time to do this is immediately after you first log into your Bybit account.
Check out our Bybit Learn page for a step-by-step guide.
2. Anti-Phishing Code
We have an anti-phishing code feature to help you identify official email messages from Bybit. Simply enable it in your security settings and set your anti-phishing code. Moving forward, you will see your anti-phishing code in the top-right corner of all Bybit emails.
3. Withdraw via Address Book
The Withdraw via Address Book feature ensures that only the addresses registered on your Withdrawal Address Book can be used to place a withdrawal request. Therefore, traders will not be able to input a new wallet address once they enter the withdrawal window, which protects your funds from being transferred to non-whitelisted addresses.
4. Account Activities
Lastly, you can monitor your account activity to detect potential threats such as suspicious logins. From there, you also have the option to monitor and deactivate suspicious accounts.
Where can I find the above security settings in my Bybit account?
It’s really easy — simply click on the account icon and look for Account & Security!
What should I do if I think my Bybit account is compromised?
Change your account credentials as soon as possible. If you use the same password across multiple accounts, change those passwords promptly as well.
Afterwards, contact us to trigger a 2FA reset at [email protected]. Our Bybit team is ready to serve you 24/7.
Thank you to everyone who participated in our Bybit AMA Special on cybersecurity. We hope it was a good experience with lots of helpful takeaways!
Join our Bybit community on Telegram today and stay tuned for the next one!