Compliance conversations

15th June 2023

Safeguarding your BTC Markets account.

TLDR

Official BTC Markets accounts below:

• Website: https://www.btcmarkets.net/
• Blog: https://www.btcmarkets.net/blog
• Support & marketing emails: [email protected]
• Twitter: @BTCMarkets
• Linkedin: btc-markets
• Facebook: btcmarkets.net
• Instagram: btcmarkets_
• YouTube: @btcmarkets_au
• Caroline Bowler Twitter: @CaroBowler

How to confirm a legitimate BTC Markets platform.

With the rise in popularity of Bitcoin and other digital currencies, scammers are always looking for ways to deceive unsuspecting users. Therefore, it is crucial for you to know how to verify legitimacy of our websites, promotions, emails, and social media accounts.

Below, we will guide you through the process of confirming the authenticity of BTC Markets websites, emails, social media accounts and promotions. By following these steps, you can protect yourself from potential scams and ensure that you are dealing with the real BTC Markets.

Start with our official website.

The first step in verifying the legitimacy of BTC Markets is to visit our official website. The correct URL for BTC Markets is www.btcmarkets.net. It is essential to double-check the URL to ensure that it matches precisely. Pay close attention to any variations in spelling or additional characters that may indicate a fake or phishing site.

Examine support and marketing email addresses.

BTC Markets uses one official email address for support and marketing purposes: [email protected]. When communicating with BTC Markets via email, make sure the sender's address matches this official address. Be cautious of any unexpected or suspicious emails that claim to be from BTC Markets, as scammers often try to impersonate legitimate platforms to deceive users.

Verify social media channels.

BTC Markets maintains an active presence on various social media platforms. Here are our official social media channels used:

Twitter: @BTCMarkets

The official Twitter handle is @BTCMarkets. Ensure that the account you are following or interacting with displays this exact handle. Beware of accounts that closely resemble the official handle but have minor variations or additional characters. We are a Twitter Verified Organisation on Twitter and will have the yellow check mark next our company name.

Linkedin: btc-markets

The official Linkedin profile of BTC Markets can be found under the name "btc-markets."

Facebook: btcmarkets.net

BTC Markets can be found on Facebook under the name "btcmarkets.net." Verify that the profile has this precise name and that it has a significant number of followers and engagement. A legitimate account should have a blue verification badge.

Instagram: btcmarkets_

The official Instagram account of BTC Markets can be found under the handle "btcmarkets_."

YouTube: @btcmarkets_au

BTC Markets' official YouTube channel is represented by the handle "@btcmarkets_au." Check that the handle matches exactly.

When dealing with your account security, it is crucial to exercise caution and ensure the authenticity of the platforms and accounts you interact with.

By following the steps outlined above, you can confidently confirm the legitimacy of BTC Markets' website, promotions, email communications, and social media accounts.

Remember, scammers often employ tactics to deceive users, so always double-check the details and remain vigilant.

If ever in doubt, please reach out to our client support team via the secure ticking system on website.

15th June 2023

Smishing: The threat of SMS phishing.

In today's digital landscape, the dangers of phishing are well known. But have you heard of smishing? Smishing, also known as SMS phishing, is a social engineering attack that preys on individuals through text messages. Instead of relying on emails, smishers use SMS messages to deceive recipients into revealing sensitive information or taking certain actions.

These attacks are often orchestrated by impersonating trustworthy entities like banks, government agencies, or renowned organisations. The text messages employed in smishing attacks are carefully crafted to trigger urgency or alarm, coercing the recipient into immediate action. The tactics employed include enticing the recipient to click on malicious links, call specific numbers, or disclose personal details such as passwords, account numbers, or medicare numbers.

Smishers exploit the inherent trust and curiosity of individuals, counting on them to unknowingly divulge sensitive information or unwittingly install malware on their devices. To achieve their malicious goals, they deploy a variety of techniques. These can range from creating a sense of urgency to offering fake rewards or assuming the identity of someone familiar to the recipient.

Protecting oneself from smishing attacks requires vigilance, particularly when receiving text messages from unfamiliar or suspicious sources. Messages requesting personal information or demanding immediate action, should be approached with scepticism. Avoid clicking on links or calling numbers provided in unsolicited messages. If you receive a suspicious text, it is advisable to directly contact the organisation through a verified phone number or their official website to authenticate the message's legitimacy. Regularly updating your mobile devices and apps with the latest security patches can also help mitigate the risk of smishing attacks.

The implications of smishing extend beyond individual privacy and security. As these attacks become more prevalent, the global economy faces the consequences. Loss of trust in digital communications, financial fraud, and compromised personal information all contribute to a climate of uncertainty and financial instability. It is crucial for individuals, organisations, and regulatory bodies to remain vigilant, educate themselves about smishing threats, and take proactive measures to combat this evolving cyber threat.

ASIC has provided a checklist of common scams and ways to avoid them. To learn more, visit ASIC’s website.

8th June 2023

AI cloning voice scams: impersonating family members in latest fraud

The use of artificial intelligence (AI) is revolutionising phone scams, as fraudsters employ cloned voices of individuals' relatives, making their approach more convincing and sophisticated. The US Federal Trade Commission (FTC) has issued a warning about this emerging scam, where scammers contact unsuspecting victims, pretending to be family members, and utilising AI tools to enhance their deception.

FTC Chair Lina Khan stresses the importance of early vigilance as AI tools continue to advance, highlighting their potential to "supercharge" fraudulent activities. Scammers collect voice samples from social media and use AI algorithms to replicate the voices, employing text-to-speech software to mimic the distress of the victims' loved ones. By impersonating distressed relatives, scammers manipulate victims into revealing financial information or requesting funds for fabricated emergencies.

Khan expresses concerns about the further development of voice-mimicking technology, which could lead to an increase in scams and other detrimental activities.

In 2022, there were approximately 5,100 reports of phone scams in the US resulting in around US$11 million in losses. However, this represents only a fraction of the total fraud losses, which reached a staggering US$8.8 billion, marking a 30% increase from the previous year. The latest Targeting Scams report revealed Australians lost a record $3.1 billion to scams in 2022.

ASIC has provided a checklist of common scams and ways to avoid them. To learn more, visit ASIC’s website.

1st June 2023

Stay vigilant on phishing scams.

Phishing scams are becoming increasingly sophisticated and can be challenging to identify. It is crucial to understand how to spot these fraudulent attempts.

The Australian Competition and Consumer Commission (ACCC) reported that Australian’s lost $3.1 billion to scams in 2022, an 80% increase on total losses recorded in 2021.

If you come across a message or website that seems suspicious or off, exercise caution by refraining from clicking on any links, opening attachments, or downloading software.

Cybercriminals continuously adapt their tactics, such as leveraging current events to deceive victims. In some cases, they even impersonate trusted individuals or institutions like family members, banks, or workplaces to trick victims into revealing sensitive information or performing unauthorised actions.

To protect yourself from phishing attempts, it's essential to adopt four key anti-phishing behaviours:

• Safeguard your personal data: Avoid sharing sensitive information like passwords, financial details, or government ID numbers with unknown individuals or unreliable websites. Doubts about a site's legitimacy should discourage you from providing your email address or phone number.
• Avoid confirming passwords through links: When prompted to log in to a website after clicking on a link from a message, open a fresh browser tab or window and manually enter the website's URL. This precautionary measure prevents falling prey to fraudulent websites set up by hackers to collect your login credentials.
• Be cautious with urgent messages: Scammers often pressure victims to act quickly, exploiting the element of surprise. If a message imposes time limits or urgency, exercise scepticism and refrain from responding or clicking on any links. Tax scams, for example, commonly employ such tactics.
• Ignore too-good-to-be-true messages: Scams promising prizes, lottery wins, or financial opportunities that appear unsolicited should be treated with scepticism. Avoid engaging with the sender and report such messages to your email service provider.

Additionally, you can enhance your defence against phishing attacks by developing cybersecurity habits:

• Use a password manager to generate and store strong, unique passwords for each account.
• Enable multi-factor authentication to add an extra layer of security, requiring additional verification even if a password is compromised.
• Review your browser settings and consider enabling features like safe browsing or enhanced protection to receive warnings about potential threats and malicious downloads.

To improve your ability to identify phishing attempts, take advantage of resources like Google's Jigsaw team's quiz, which provides visual examples of sophisticated phishing messages, or Cisco's phishing quiz designed for employees. These tools help enhance your awareness and understanding of the techniques employed by cybercriminals.

Ultimately, staying vigilant and employing best practices can significantly reduce the risk of falling victim to phishing scams.

ASIC has provided a checklist of common scams and ways to avoid them. To learn more, visit ASIC’s website.