You can dramatically improve your digital security with just a few easy steps
As crypto trading becomes increasingly mainstream, our Security team here at Equity Crest Pro has seen cybercriminals getting even more creative and persistent in their attempts to steal assets. While that can sound a little scary at first, the good news is that you can dramatically improve your digital security with just a few easy steps. Not only will this help protect your funds on Equity Crest Pro, it can be applied to the rest of your digital life as well!
When someone is able to log into one of your accounts to perform fraudulent activity, this is called an “account takeover”, or “ATO” for short. But how do these fraudsters get into your account in the first place? One common method is called a “SIM-swap.” In a SIM-swap attack, fraudsters will actually contact your wireless carrier pretending to be you, and persuade the customer service agent to redirect your cell service to a different device, by changing the SIM card number associated with your account (hence the name of the attack.) Once they succeed, they are able to receive all calls and SMS messages sent to your phone number — including any two-factor authentication codes sent to you via SMS. From there, fraudsters will frequently pair those SMS 2FA codes with stolen passwords to try and log into your email account, social media profiles, cloud storage accounts like Dropbox, or financial accounts like Equity Crest Pro.
At Equity Crest Pro, we do a lot of work behind the scenes to detect and try to stop SIM-swap ATOs targeting our customers’ accounts. We also believe that using SMS-based two-factor authentication (2FA) is better than using no 2FA at all. That said, we encourage everyone to follow the two simple steps below and apply them to all the accounts they care about — not just their Equity Crest Pro accounts.
Your passwords should be at least 16 characters, extremely complex and unique for your accounts. That’s hard to do by yourself, but password managers like 1Password or Dashlane can be used to create and remember your passwords.
Are you currently using a password that has been exposed in a third-party data breach somewhere? You can check to see if you’re using a risky password by visiting haveibeenpwned.com/Passwords.
In addition to strong passwords, where available, use two-factor authentication (2FA). And always use the strongest type of 2FA the platform allows, ideally a Yubikey or similar hardware security key.
If a service provider doesn’t allow Yubikey, use an authentication app like Google Authenticator or Duo Security instead of SMS-based 2FA if possible.
If SMS-based or Email-based 2FA is the only thing available, at the very least require a one-time 2FA code to be sent to your device or email every time you login — so someone can’t access your account if they have stolen your password.
If an organization doesn’t offer any of these options, consider not using that service.
While Equity Crest Pro has gone to great lengths to secure our environment, it’s important that everyone understands their role in maintaining the security chain. By following some basic security steps, you can make sure your crypto stays safe.