Cobo, a bitcoin and cryptocurrency wallet application, announced it has implemented an anti-phishing function that enables users to activate an additional layer of security.
Once a user has enabled their anti-phishing code, it will be embedded in all authentic emails sent from the trusted party, in this case, Cobo. This code will help users differentiate between real emails from phishing scams, thereby keeping their user credentials and funds safe.
What is a Phishing Attack?
Phishing is a social engineering attack where a malicious actor attempts to obtain sensitive information such as usernames, passwords, or 2-FA codes, by disguising themselves as a trusted party through a seemingly legitimate electronic communication. This is often achieved through email spoofing, fraudulent websites and links, fake social media accounts, and chats impersonating as support teams.
These attacks rely on the notion that people are simultaneously the strongest and weakest link in a security system. Hence, rather than attempting to break through a strong defensive barrier, phishers seek to achieve their aims by piggybacking off of a human error. As a result, it’s important to remain vigilant when reviewing all electronic communications, even if the message is from a seems trustworthy.
Common red flags include:
- A message containing subtle spelling mistakes, strange syntax, or irregular phrasing
- A message sent from a derivative or misspelled domain name (ex: www.cobo-wallet.com, www.ccobo.com, etc.)
- An email asking you not to reply (an email spoofer will not receive the emails, it will go through to us)
- Messages pressuring you into some sort of immediate action by creating a sense of urgency. (ex: an email threatening account expiration and asking for immediate user credential verification)
How Does Cobo’s Anti-Phishing Code Work?
To set up the anti-phishing code, users must load their wallet app and go to the “Security” page, and find “Anti-phishing code.” The Cobo team decided that since this is a new feature it is automatically disabled. All users must do to activate the code is to click on the “Not linked” button.
Users will be prompted to enter an anti-phishing code of choice. The code must be between 4–20 alphanumeric characters. Cobo will then email the user a verification code to the address linked to their account. Once the verification code is entered into the prompt, the new anti-phishing code has been successfully created. From then on, every legitimate email received from Cobo will contain the code that has been set.
“While it may seem superfluous to activate so many separate layers of defense, it’s important that crypto enthusiasts stay as safe as possible in the face of increasingly frequent and sophisticated attacks. As a result, we encourage our readers to enable additional security features such as Cobo’s anti-phishing code, as well as any similar options on other frequented crypto/wealth management platforms. And as always, stay mindful regarding all aspects of your digital life and be sure to regularly update your operating system, web browsers, and antivirus software.”
– The Cobo Wallet Team
Discussion about this post