Marketing email lists have some of the poorest database security, and sometimes get sold to the highest bidder, or get easily hacked.
If you are using an exchange email that you gave to any newsletter, marketing promotion, contest, or gave to a business/company that you use, without realizing you had the “marketing/newsletter” box pre-ticked, your email may be out there with your name and some other personal information. And it could easily fall in the hands of scammers.
What are they using this for?
More likely for phishing.
So they’ll send you an email that sounds like it’s from Coinbase support with a fake link to a fake sign in page that will take your login and password when you think you are signing in on Coinbase’s real page.
Always check what email is sending you this. That’s usually a dead give away, because they usually wouldn’t be able to use Coinbase’s official email. It’s some bogus email with just the word “coinbase”.
Of course, one day, they might be able to hack an employee’s email. So this isn’t fool proof.
Another thing they could be doing is they’ll pretend they’re from Ledger or any wallet support, and ask for your 24 word keys, and take over your wallet.
It’s possible they are also using this list to then try to brute force emails to recover passwords. That’s a little less likely since it’s much more difficult, but still a possibility.
What can you do to protect yourself?
Luckily, it’s not difficult to protect yourself.
1-Use a 2FA on your exchange. That’s a 2 factor authentication. SMS 2FA can work but it’s the weakest type. There’s apps with 2FA codes for phones, biometrics, usb keys, etc…
2- Never give anyone your 12/24 seed phrases. They are for you only. “Tech support” never needs those.
3-Make sure you change your exchange email’s password regularly with a strong password. There’s simple password managers and password generators you can use. Some password managers are better than others.
4-Use a unique email for exchanges. You don’t have to create a new email account. Most emails can generate additional addresses for you. This way you don’t have the same email that might have fallen into the hands of a newsletter, marketing list, etc…
5- Avoid signing up to newsletter, marketing promotion, giving your email to businesses, unless it’s an email you use only for that.
submitted by /u/fan_of_hakiksexydays
[link] [comments]