• jarfil@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    3 months ago

    Lower risk, lower reward. Keep in mind that 401k is not 100% guaranteed either.

    lose entirely with a social engineering attack or a SIM swap.

    SIM swap? You mean like SMS 2FA? (don’t use SMS 2FA, BTW).

    Anyway, if your risk scenario includes a “wallet inspector”, you definitely shouldn’t buy Bitcoin, or carry money around.

    • prole@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      Nobody is going to SIM swap you unless you have a shitload of crypto and let everyone know about it. It’s not an easy attack, so it would have to be targeted. Pretty easy to not be a target (not having millions of dollars of crypto on a wallet helps).

      • jarfil@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        3 months ago

        I want to have a shitload of crypto and let everyone know about it… where do I post my receiving address…? 😅

        Anyway, my point was more about not using a SIM as a security mechanism, ever. It wasn’t designed as one, and still isn’t.

        As for being a target… something like 2 years ago, I had a chance to get a glimpse at a C&C panel for some malware. It didn’t bother checking your balance, just vacuumed all and every password from every app on an infected phone, along with all sorts of data about the phone, SIM, SIM2, etc. Cloning a SIM is so easy, they’ll do it just to get your $50 worth of NFTs.