Cryptocurrency is a popular investment in South Africa, and many locals have purchased Bitcoin, Ethereum, and other tokens with the hope of making large returns.
Others buy cryptocurrency to get involved with the ecosystem and experiment with the different applications of blockchain technology, too.
The burgeoning cryptocurrency industry is rife with scams and get-rich-quick schemes, however, and many newcomers might fall prey to these when starting out.
To help South Africans take their first steps into the world of cryptocurrency without burning their fingers, MyBroadband spoke to cryptocurrency established exchanges Luno and VALR.
Luno Africa general manager Marius Reitz told MyBroadband that users should observe good Internet security practices when signing up for an exchange, as well as be wary of enterprises which promise high returns.
“Don’t use the same login details for multiple accounts. Create a strong and unique password that cannot be guessed,” Reitz said.
“Don’t fall for get-rich-quick schemes, if it’s too good to be true then it is most likely a scam.”
He added that Luno customers who buy cryptocurrency as an investment and who never transact should disable cryptocurrency sends on their Luno apps, as in the event of unauthorised access, their crypto will be safely locked down.
It is also important to keep your private key safe on all platforms, as this grants complete access to your cryptocurrency wallets and the funds stored within.
VALR CEO Farzam Ehsani told MyBroadband that there are always risks wherever your cryptocurrency is stored.
“If you keep your cryptocurrency in an exchange, make sure you enable two-factor authentication, choose a strong and unique password, never share your username and password with anyone, scan your computer regularly for viruses, be aware of phishing scams, avoid using public or shared computers, and always log out of your account,” Ehsani said.
VALR CPO Badi Sudhakaran added that users who store the cryptocurrency they buy in their own hardware wallet should use a well-known, secure provider.
“Some advanced users prefer to keep their cryptocurrency in their own hardware wallets,” Sudhakaran said.
“For these users, it’s important to use a reputable hardware wallet like the Ledger Nano S and to ensure you keep backups of your keys in a safe place.”
When it comes to identifying and avoiding scams online, Reitz said the most common fraud which South Africans fall prey to is phishing.
“Cryptocurrency fraud happens in many ways, but one of the most persistent are phishing scams where people trick you into giving away your account information,” Reitz said.
“The most common phishing scams are email scams, where you receive an email that appears it is coming from Luno but in fact comes from a scammer, asking you for information or leading you to a fraudulent website.”
“Phishing websites are set up to look like Luno’s website, but everything entered there (like your username and password) gets recorded and can give scammers access to your actual Luno account.”
“To protect yourself against fraud, enable two-factor authentication. This requires two things to gain access to your account: your username and password and a one-time PIN that gets generated on your mobile phone,” he said.
Sudhakaran concurred that phishing was the most common method for stealing cryptocurrency, adding that users should never share their login details with anybody or click on links sent to them from unknown sources.
“Scammers can also use the sophisticated and targeted SIM-swap scam,” he said.
“This grants scammers access to the OTP numbers sent to those mobile numbers, which in turn allows them to drain victims’ funds into their own wallets.”
The best way to defend against phishing or SIM-swap scams is to activate app-based two-factor authentication on your account.
Identifying trusted exchanges
“There are more than 2,000 cryptocurrencies in existence, so it is important that the platform you use carefully evaluates the cryptocurrencies available on their exchange for credibility and liquidity,” Reitz told MyBroadband.
He advised customers to ask themselves whether they trust the team behind the service, whether the service implements secure key storage, if it has strong security features in place, if they undergo regular audits, and if the company behind it is backed by world-class investors.
“Check that the platform has divided its customer funds between a hot wallet (coins in the server) and a cold wallet (an offline storage area to protect the coins from hackers),” Reitz said.
The majority of Luno customers’ keys are kept in physical bank vaults, inside safety deposit boxes, which Luno calls its deep freeze storage solution.
Sudhakaran told MyBroadband that there were a number of key measures exchanges should have in place to ensure security.
“There are a few non-negotiable steps an exchange must take in order to secure customer funds. First of all, an exchange needs a crypto storage strategy to store the majority of its crypto assets offline in cold wallets,” he said.
“Second, it must comply with KYC/AML regulations to protect the platform and its customers from fraudulent activity. Third, customers must be allowed access to their accounts only from pre-authorised devices. Fourth, every sensitive transaction like withdrawing funds must be authorised by the customer using multi-factor authentication.”