Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you shouldn't expect protection if something goes wrong. Take 2 minutes to learn more

Security

How To Protect your Personal Data on Social Media

  • 21 Sep, 2021

  • 4 Min read

Uphold Team photo
Written by

Over the past few years, cryptocurrency-related content has flooded social media channels. Much of it is genuinely educational, some of it, mindless chatter. In a world where we can connect and share information– fast, free and with ease — more and more people are learning about the digital space from within it. However, this content shift, from mainstream media to social, comes with its own risks. The crypto-sphere has increasingly become a target for phishing attacks and investment scams.

As crypto market engagement occurs predominantly online, malicious actors, groups and bots have leveraged social media sites, such as Twitter, and their technology underpinnings, to initiate a range of sophisticated criminal activities. Victims range from novices and everyday enthusiasts to more seasoned traders – even some well-established influencers have fallen prey.

The U.S. Federal Trade Commission reports that more than $80 million has been lost to cryptocurrency-related investment scams since October 2020, representing roughly a 1,000% increase compared to 2019.

We’ve already written a blog about how to know it’s Uphold emailing you, although the scope of our watchful eye extends to social media, too. Because we recognize how important it is to help our customers safeguard themselves online.

What is phishing? 

Phishing is a form of social engineering whereby cybercriminals dupe victims into providing their personal information. This refers to any form of personally identifiable information and includes but is not limited to: 

  • Email addresses
  • Home addresses
  • Date of birth 
  • Social security numbers
  • Passwords and Pins
  • Full name
  • Phone Numbers
  • Memorable recovery phrases for private wallets.

Whilst some of these details on their own may not appear to be much of a risk, when combined can be pieced together to initiate an identity theft online

Increased growth in social media activity for the cryptocurrency space 

On January 1st 2020Bitinfocharts reports that there were 13.62k daily tweets with hashtag #Bitcoin. A year later this figure had increased tenfold to 196.07k and by mid-May 2021, it peaked at 363.566K hashtags with #Bitcoin. Even when we look more broadly via Google searches and using the tool Google Trends which is a barometer they have for gauging general or retail interest in trending topics, with 100 being highest, 0 being lowest. The word “Cryptocurrency” between Jan 5-11th 2020 sat at 6. About a year and a half later in May 2021, it sat 100 – dominating search data. 

With this data, it’s clear the trend towards social media has increased, however, this has provided the opportunity for cybercriminals to target these sites. We’re seeing a lot of incidents/attacks occurring on sites such as Twitter, Youtube, Facebook, Telegram, Instagram, Reddit and others to name. 

What to look out for

 Investment Scams

  • These might come in the form of tweets or comments which say: “Contact John Doe at [email protected] and he’ll flip your $100 in BTC into $1000 in BTC”
  • They’ll ask you to make a small deposit and promise a higher return, but once the money is sent, they’ll usually block, or stop responding to the victim all around.   

Fake Giveaways and Airdrops 

  • Investment scams may also take the form of fake giveaways & airdrops where they tell you to deposit a small amount and following which, promise that you’ll get a larger value sent back to your wallets address. We’ve seen cyber criminals becoming more sophisticated and creating fake profiles pretending to be established exchanges, like us, or fake profiles of well-established cryptocurrency influencers. Please see real-life examples below 

  • Here are clear examples of Brand Infringement, where a page has been set up pretending to be us and offering a giveaway. Often, you can tell a page is a fake one as they usually include an extra letter, punctuation so that they can bypass the duplicate page rules. Please look out for these small username distinctions as well as verified ticks.
  • We report these pages on our end. If you see one please make sure to report such pages if you come across them so that the site’s algorithms can get better at automatically spotting these types of pages and taking them down.

                                           

Identity theft

  • Another way in which cybercriminals can use personal data shared online is to initiate identity theft. We see these happen when a profile is created pretending to be a trusted individual or institution, redirects you to a link that asks you to enter or DM your personal information. Information which can then be pieced together to perform theft of a personal account and/or funds. 
  • We’ve also seen attempts of identity theft occur via Customer Support related queries. Where the individual or group creates a profile and informs customers that “We’ll help you recover your account” and in the same as above, will take you to a form which asks you to enter sensitive details which you would never be asked by our official Customer Support channels.

Employment-related scams: There’s also a rise of incidents where individuals create fake job adverts in WhatsApp or Telegram groups pretending to advertise job roles at Uphold. Asking individuals to provide personal information and in some cases money, information which again can be pieced together to initiate an account takeover or identity theft. 

As we can see there are spelling mistakes and grammatical errors in this message which wouldn’t happen in our official recruitment processes. Please be aware of these and note that we’ll only ever post job openings via our official careers page linked here.

Summary 

  • We hope that this blog has given you an insight into the types of scams that are appearing online. As cybercriminals become more sophisticated in their approach it is important that the cryptocurrency community becomes more enlightened and proactive in our response to protecting ourselves and personal data 
  • Make sure you use strong passwords and don’t use the same passwords for your online accounts. 
  • As mentioned earlier, personally identifiable information such as email addresses, home addresses, date of birth, social security numbers, passwords and pins, full names, memorable recovery phrases for private wallets shouldn’t be shared. We’ll never ask you for this information, at least not altogether. So it’s important that you don’t share it 

Please make sure to read our blog on how we’ll contact you so you’re in the loop with our official lines of communication.

Uphold Team photo
Written by
  • Digital Money Platform
  • Other

Share article

Uphold Team photo
Written by
  • Digital Money Platform
  • Other

Share article



Uphold Europe Limited, Reg No. 09281410, Registered Office: Eastcastle House, 27/28 Eastcastle Street, London, United Kingdom, W1W 8DH

Uphold (FRN: 938277) is registered with the Financial Conduct Authority (FCA) for AML purposes and complies with the Money Laundering, Terrorist Financing and Transfer for Funds (Information on the Payer).

Uphold is also an EMD agent (FRN: 938277) of Optimus Cards UK Limited (FRN: 902034) which is authorised and regulated by the Financial Conduct Authority to issue e-money pursuant to the Electronic Money Regulations 2011.

Cryptoasset services offered by Uphold Europe Limited are unregulated and not covered by the Financial Services Compensation Scheme as well as the FCA’s consumer protection regulations. Cryptoassets are very high risk and speculative. You should be aware and prepared to potentially lose some or all of your money. You should carefully consider whether trading or holding cryptoassets is suitable for you in light of your financial circumstances. Gains may be subject to Capital Gains Tax and there may be extra charges when paying via credit card from your provider. Geographic restrictions may apply.

Fiat money payments and balances (fiat is another name for traditional currencies, such as GBP, USD and EUR) constitute regulated e-money and payment services. In providing fiat balances, you are being issued with e-money by Optimus and Uphold is acting as its agent. See specific e-money terms. E-money is not a deposit or investment account which means that your e-money will not be protected by the FSCS. Your funds will be held in a designated safeguarding account with a regulated financial institution. E-money will not earn any interest.

Uphold is certified for SOC 2 Type 2, ISO 27001, and PCI DSS, ensuring rigorous control over our information security management systems, data handling, and payment processing practices. Furthermore, we comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the UK Data Protection Act, underscoring our dedication to protecting the personal data and privacy rights of our global customers.

© 2024 Uphold Europe Limited. All rights reserved.