“Hi is that Marco Oliver? I’m just calling about a recent breach in your cryptocurrency account, can you answer a few questions so that we can secure it immediately…“
This is the kind of phone call that has become commonplace for me in 2021. Until recently I wasn’t aware that the company named “Ledger” had been hacked and my information had been leaked online. Ledger is a hardware crypto wallet provider and one of the most secure methods for storing any cryptocurrencies you may hold.
The breach happened in June 2020 and the data was dumped publicly in December 2020. Although my password and other encrypted information wasn’t leaked, my full name, telephone number, email address and physical address were. This provides hackers and criminals enough information to be at least 50% more convincing than their usual phishing emails and “Am I speaking to Mr Oliver?” telephone calls.
Luckily I am super cautious and have been working with security and data long enough to navigate these traps. However, when you are working long hours and have 2 children under the age of 2 at home keeping you up at night, it is easy to fall for the scaremongering tactics. I came close recently to clicking a link that was tailored specifically to me and as a result thought I should write a quick blog post, highlighting the dangers we know are out there.
Find out if you have been hacked
It is important that people remain vigilant and you are able to easily check if any of your data has been compromised by visiting sites like:
Which provides a comprehensive breakdown of where or when you email or phone number has been leaked. Most recently Facebook has been hacked and the personal data of 533 million people has been leaked online. You can check yours by searching for your phone number on the site above.
Tips for keeping your data safe
As I work with secure data daily, there are a few tips that I follow and would encourage you to do the same:
Use a VPN. This will encrypt all your internet traffic and stop prying eyes in remote locations.
Install Antivirus software. I can recommend MalwareBytes.
Keep ALL software and operating systems up to date.
Only download approved software. Ideally only download software from official app stores or trusted software providers. If using work machines only use approved software.
Use a different password for every account (Dashlane and 1 Password are good password managers to help with this).
Never provide any information to unknown callers.
Check email headers. When reading an email, no matter how official, click the “Name” in the from section and it will reveal the user's email address. If the domain isn’t from the company then it isn’t them.
Check unknown telephone numbers, that sends you a text message with a link. A quick search on Google normally does the trick.
If you want to know more about any of these topics, it's worth listening to our podcast episode with Damon Rands of Wolfberry Cyber Security.