At Nexo, we have strict security policies in place to keep your cryptocurrency and your information safe. As a part of our security practices, we also ask our clients to take a series of precautions to ensure that no one else has access to their account.
Understanding how to identify scams and attacks is crucial to protecting your accounts and funds, especially since cryptocurrency transactions are irreversible. To make it easier for you to spot hack attempts, we’ve explained some of the most common methods that scammers may use to gain access to your account and make unauthorized transactions.
We hope the information below will be useful to you.
Account takeovers
Since Nexo’s most important communication channel is email, clients’ email addresses can be a target for account takeovers. If someone gains unauthorized control over your email, they could potentially gain access to your Nexo account. It is vital that you have good security for your email; this includes a strong password, security questions, and 2FA.
Phishing
Phishing attacks attempt to trick you into revealing your account username, password, or other personal information. This kind of scam can take several forms, below are a few examples:
- Emails: You may receive an email that appears to be from Nexo but was actually sent by a scammer, asking you for information or leading you to a fraudulent website.
- Websites: These websites may look exactly like Nexo’s website, but all the information you enter there, such as usernames and passwords, is recorded and can be used to hack your Nexo account. Such websites are often promoted through advertisements that look like they’re taking you to the legitimate Nexo website.
- Calls: Someone may call you, pretending to be from Nexo, asking you to provide your username, password, or other information.
- SMS / instant messages: Scammers may send you messages pretending to be Nexo officials and prompting you to share your username or password. They may also push you to open unsafe links.
Nexo will never call, email, or SMS/instant message you proactively and ask you for your username or password. If anyone contacts you personally claiming to be from Nexo and asks for sensitive information, do not reply and report them to our support team. Our support team is available 24/7 so don’t hesitate to get in touch.
Malware
This kind of account hack is done through software. Scammers gain access to your devices through complex programs that allow them to take control of your devices and steal your passwords or other sensitive information you may have saved on them.
Identity theft
This is when someone impersonates you after gaining access to enough of your personal information. Ill-actors will then attempt to open an account in your name and/or make unauthorized transactions. Identity theft most often occurs when your documents, like an ID card, passport, or driver’s license, get stolen. Note that documents don’t always need to be physically stolen, scammers can also steal your ID information through phishing or theft of personal devices like phones or computers.
Tips on Protecting Your Accounts, Information & Funds
To wrap up this article we’ve prepared some tips to help you keep your crypto secure:
- Create a strong password: Use a password with at least 16 characters. Do not share it or use it for other accounts. Password managers can help you generate and store strong passwords. We recommend LastPass, but there are many alternatives.
- Enable two-factor authentication (2FA): This is an added level of security that requires a unique code every time you log in to an account. The code is generated by your device and is required in addition to your username and password.
- Protect your email: Keep your email address secure so that nobody can access your Nexo account through your email. Most email providers support 2FA.
- Do NOT share personal information: Nexo employees will never ask you for your password or 2FA code, neither will they ask you to authorize transactions.
- Check the URL: Before signing into Nexo or clicking an ad, make sure you are on nexo.io. Scammers will often use similar URLs, so be sure to check carefully.
- Check the email domain: Any communication from Nexo will come from an @nexo.io address. If you have any doubts about the legitimacy of an email from Nexo, check with our support team.
- Lock your account: If you suspect your account has been compromised, contact our support team immediately.
Nexo cannot be held responsible for a loss of funds if you fall prey to a scam as stated in our Wallet Terms & Conditions. Regardless we will do everything in our power to help prevent such situations and assist you in securing your account.
You undertake to оbtain all necessary hardware, as well as to install all necessary software, including security and antivirus, for your use of the Nexo Wallet Services in accordance with these General Terms. You are solely responsible for keeping your device safe and maintaining adequate security and control of your username, password and shall be solely responsible for any access to and use of the Nexo Wallet Services through your device, regardless of whether such access may have been made without your knowledge, authority or consent. We will not be liable to you for any loss or damage resulting from such use. In case your device has been lost or stolen or has been accessed or used in an unauthorized manner, you shall notify Nexo of this and if the device has been accessed or used in an unauthorized manner, you shall, as soon as possible, reset the password.