10 Avoidable Ways in Which Bitcoin and Cryptocurrency is Lost

 

Since the media began reporting on Bitcoin and other cryptocurrencies, there have been numerous tragic stories of people losing large stores of value held in digital form.

Some of these incidents of stolen or lost cryptocurrency were experienced by the inexperienced. The less tech savvy individuals, those who were unfamiliar with the basics of cyber security and overall safe storage of crypto assets. However it was not only the uninitiated in the space, even tech fundi and former editor of Wired had a close brush with losing $30 000 dollars worth of Bitcoin stored on a hardware wallet(1).

Time has shown there are various ways to lose one’s digital assets. Outright theft, scams, or even what is termed as ‘panic selling’ (2) a phenomenon seen in Wall Street and now in the Bitcoin trading scape.  Firsthand accounts paint a picture of vested parties losing money simply by trading during the 2018 fall in Bitcoin’s price from the $20 000 high, down to as low as $5 782, a drop of over %60 (3).

While these reported losses act as a warning to the causal investor to educate themselves and act with caution, they can also give the composite impression that it is almost impossible to store and own cryptocurrencies safely and securely. This however is not necessarily true. Bitcoin has been described as being “more secure than most existing financial services, including legacy banking platforms” (4). Thanks to Bitcoin and cryptocurrency’s inherently secure nature – there are many potential ways in which Bitcoin and other digital currencies are lost, which can be avoided.

 

 

Photo credit: Sparkle Motion

#1 Forgetting the Password to a Wallet

According to Chainanalysis, a digital forensics firm which specializes in studying the Bitcoin blockchain, a portion of an estimated $ 1.0 billion worth of Bitcoin has been lost to the blockchain through users losing access to their wallets (5).

A common way that people lose their crytocurrency assets is due to not writing down, printing out, or recording their sensitive wallet information when creating their digital wallet. These passphrases, seeds, and keys, are the keys to the kingdom. Without them, one is locked out of your wallet forever, and there is no “I forgot my password” button to fall back on.

In order to avoid joining the ranks of “I could have been a billionaire but I lost my passphrase”, it is sage wisdom to record and safely store sensitive wallet information. Many people do this by creating what is known as a paper wallet.

#2 Losing a Paper Wallet

Studies are now revealing that tidying up makes us happier and healthier (6, 7). But beware the clean sweep if you have left your paper wallet lying abound. An uninformed tidier will probably think the strings of letter and numbers is absolute babble and throw a paper wallet in the recycling.

The way to avoid these traumatic situations is to store paper wallets in secure locations such as safes.

None of us want to join James Howells(8) in dumpster dives to get back into a Bitcoin wallet address!

 

#3 Showing Somebody (or the Whole World) One’s Private Key

In 2013 Bloomsburg television host Matt Miller unintentionally provided the world with a valuable lesson in cryptocurrency security (9). In presenting his guests with a paper gift card for $20 worth of Bitcoin, Miller inadvertently exposed the QR code printed on the back to the cameras. Within moments, a savvy watcher had lifted the QR code and stolen the Bitcoin.

Although this incident ended happily, with the thief offering to return the Bitcoin, and Miller refusing, stating that he had earned it by providing a great lesson –  the average one of us does not want to repeat this lesson.

Revealing private keys is an absolute non practice when it comes to crypto wallets. You never reveal you private key (10), and any person who is requesting it is most likely planning on some form of theft.

 

 

#4 Selling the Lot Because the Media Said, that a CEO Said, that Bitcoin is Going to Zero

In the past media storm over Bitcoin’s surge and drop in price we have seen a number of CEOs giving their opinion on Bitcoin, cryptocurrencies, and their inherent or future value. These include well known individuals such as Jamie Dimon from Morgan Chase (11) and Lloyd Blankfein from Goldman Sachs (12) airing skeptical opinions as to the future value of Bitcoin and cryptocurrencies in general.

These kinds of statements from individuals high up within the corporate ladder have the tendency to scare many of us. So much so that it can cause what is known as ‘panic selling’, which is the rushed selling of an asset or commodity based on emotions, as opposed to judgment, planning or calculation (13).

Research has been shown that humans do tend to make illogical decisions when attempting to calculate uncertainty and manage risk (14). Basing a financial decision on the opinion of any singular member of our planet’s 7.6 billion population (15), could certainly be said to fall outside the category of logic.

And this works both ways. Recently the CEO of Twitter, Jack Dorsey revealed his opinion on Bitcoin, which is that it will the ‘world’s sole currency within 10 years’ (16). With the global market capital exceeding $80 trillion (17), and the supply of Bitcoin limited to less than 21 million (18), if that were to happen as Dorsey predicts, theoretically anybody holding on to much as a fraction of a Bitcoin should be indescribably wealthy by 2028.

While this may seem like more than enough ‘reason’ to rush out and convert everything you own into Bitcoin – doing so could equate to the worst idea ever. Basing financial decisions on other’s opinions is a risky move, although according to science, a common one (19).

 

#5 Storing Digital Assets on an Online Exchange

Within Bitcoin and cryptocurrency circles, the practice of storing coins on online exchanges is considered as a non secure practice. This is not surprising, considering the dollar value of assets which have been stolen from exchange wallets over time. According to a report released by blockchain security firm CipherTrace (20), in the last two years cyber criminals made off with over $1.2 billion in cryptocurrencies. 2018 proved to be even more fraught with fraud and theft, with the amount of stolen cryptocurrencies triple that in a six month period than what was seen in the whole of 2017.

In the face of these figures, there are still substantial volumes of coins held by exchanges. At the time of writing, the market cap of the total Bitcoin market sits at roughly $121 billion. Of this, a mere $3 billion constitutes the trading volume, the Bitcoin actively being bought and sold.

Of the ‘inactive’ Bitcoin which is held by exchanges, a portion is kept offline at any given point, in order to increase security. The general rule of thumb amongst platforms and traders is to keep 80-90% of funds offline (21). As it stands, there does not exist a way to make sure that the exchange which you are utilizing practices this at all times. However, it is possible to implement this best practice on a personal level to ensure maximum asset security.

 

 

https://www.flickr.com/photos/pictures-of-money/
Photo Credit: Pictures of Money

 

#6 Some Person or Place on the Internet is Saying They Will Double Your Money /Crypto… So of Course One Believes Them

Since its birth the internet has been home to various ‘double your money’ scams and false promises (22). And it would appear that internet fraud continues to escalate, with the UK Public Accounts Committee reporting approximately 2 million cases of fraud during 2017 (23).

Given these figures, and the get-rich-quick reputation hovering around Bitcoin and alt coins, it is not surprising that the crypto space has also been fraught with all manner of scams. The most recent being the rash of Twitter scam bots impersonating celebrities, and claiming to give away free cryptocurrency. All that is required is that one sends some first, and then the ‘celebrity’ claims they will send back double.

Of course this make no sense, however enough unsuspecting individuals have fallen for the scam for it to a have grown to a network of bots, over 15K strong according to research by Duo Labs (24). But perhaps this should not be surprising, given that behavioral economics has uncovered the fact that the thought of a financial gain can break down even basic functions of logic and rational thinking (25).

 

#7 Giving the Wrong Wallet Address When Sending or Receiving Cryptocurrencies

The aforementioned findings of the digital forensics firms Chainanalysis, show that a portion of an estimated $1.0 billion worth of Bitcoin has been lost due to users losing access to their wallets. The other portion of this ‘lost’ billion is made up of Bitcoin sent to the wrong address. Although not all of this is technically ‘lost and gone’ from the network, it gives an idea of the personal loss experienced by individual wallet users.

Just as revealing, a quick Google search throws up a multitude of cases where users accidentally entered an incorrect wallet address when sending or receiving cryptocurrencies. Unfortunately most often these users are not able to do anything about their error.

Bitcoin or other cryptocurrency sent to an incorrect or unintended address is usually irrecoverable (26) as cryptocurrency is designed to be chargeback free.

Therefore, it is important to always double check wallet addresses to avoid this human margin of error. Interestingly, the probability of entering a 10 digital number incorrectly, is 5 999 times more than of overfilling a bath. Considering that the average wallet address consists of between 26-35 alphanumeric characters, the chances of error when entering an address is even higher. If one takes into account how easy it is to overfill a bath, then it becomes clear that double and triple checking an entered wallet address is definitely a must for avoiding ‘I send Bitcoin to the wrong address’ regret.

 

#8 Playing Host to a Clipboard Hijacker

In order to reduce the previous hazard and human probability of error, some wallet users prefer to copy and paste wallet addresses when making transactions. This can substantially reduce human margin of error, however it increases the risk of a further possible loss of funds.

Recently a Chinese security firm Qihoo 360 Total Security released a report revealing the existence of a new virus which they termed a Clipboard Wallet Hijacker (27). It is categorized as a Trojan and upon taking up residence of a computer, monitors the clipboard, and analyzes whether or not any information held there is a Bitcoin or Ethereum wallet address. If it registers an address, it substitutes it for the address of the Trojan creator.

When the unsuspecting wallet owner paste in this fraudulent address, any funds they were attempting to send or receive are sent to it, instead of to the address they were copy/pasting.

In short, cyber thieves have capitalized on the tendency of wallet owners to utilize the copy and paste function. And again, these transactions are usually non reversible. The best way for a wallet owner to guard against this type of fraud is to use a good antivirus program, such as Kaspersky.  And of course, to double check wallet addresses each time a transaction is being made.

At the time of the report, Qihoo 360 Total Security showed that already 300 000 devices had been infected in a week’s time span. Just over 2 weeks later, BleepingComputer uncovered a file of this type which was monitoring 2.3 million addresses (28). If in the face of these findings, if one still finds oneself thinking ‘it won’t happen to me, I won’t bother to upgrade my antivirus service’ you may be falling into a studied phenomenon called ‘Optimism Bias’ (29). This is the tendency of decisions or conclusions to be made under the influence of optimism rather than reasoning. While it is scientifically proven that an optimistic outlook is good for us (30), if not balanced with logic, caution, and good antivirus software, optimism to the point of bias, could prove harmful for our digital wallets.

#9 Storing Assets in a Web Based Wallet Service – Because it Has a Logo

Another avoidable way that cryptocurrency assets get stolen or lost is through web based wallet services. Web based wallet services are attractive and convenient in that they provide the user with anywhere anytime access to their funds. This can be very useful for making payments and checking one’s balance. Like Paypal, a web based wallet service can be accessed from any device.

The downside to these web wallets are that they can be vulnerable to attack or fraud. One reason for this is that web wallet services have the ability to store user’s private keys within their data bases. Another reason is that online platforms are vulnerable to ‘impersonation’ in the form phishing scams. Attacks on online wallet services are not uncommon. In January of this year hackers launched a DNS attack on wallet service Blackwallet, making off with $400 thousand worth of Stellar Lumens (31). And two months prior to that, nearly $3 million worth of cryptocurrency was stolen during the Bitcoin Gold wallet incident (32).

From incidents like these it could be logical to say that online web based wallet services should be reserved for use as transactional accounts. In short a place to keep small amounts of tokens for making transactions. Due to the scale of these online security breaches, web wallets are not ideal locations for asset storage.

Why then do wallet users still store larger amounts of cryptocurrency on these platforms, run by people never met in real life? This could be explained by the recently documented phenomenon whereby our brains perceive logos in the same way we perceive faces of people that we know (33). Logos inspire trust by imbuing businesses with a familiar face. However unlike in the case of other humans, where we can analyze body language to refine judgments of trust (34), logos in the online space, can be the ‘face’ of merely a moderately capable collection of humans. Or even in some cases purposely fraudulent ones.

 

#10 No Will and No Family Members with Knowledge of How to Access Stored Digital Assets

Because cryptocurrencies are such a new asset class, as a society we have not yet had much experience including them in final wills and testaments. At the time of writing, Bitcoin is only 9.6 years old (35). And already there are cases of sudden deaths of wallet owners, leaving family and relatives without passkeys or the know how to access funds left in cryptocurrency form (36, 37).

Admittedly, it can feel kind of weird drawing up a will, or even contemplating one’s death. Especially if you are under 30! This could explain why, according to one poll, 64% of Americans do not have a will or testament drawn up (38).

Logically speaking, one would think that organizing and ensuring that if we were to suffer an early death, our loved ones would receive that which we intend to go to them, would be a fulfilling task. However the statistics would reveal that it is one which many of us put off. Perhaps this is due to the fact that in some ways, culturally we humans have a negative view of death, so much so that we can suffer from what is known as death anxiety (39). Combine a touch of death anxiety with evidence that the younger and more technologically inclined we are the more we may procrastinate (40, 41), and there may be a high probability that the future could hold a larger loss of investment through death, than by hacks, bugs or malware.

 

This post may contain affiliate links. If you make a purchase through one of these links, we receive a referral bonus from that purchase. Unfortunately not always in crypto, but you know that they say…. don’t look a gift horse in the mouth. 

 

References & Sources:

1.https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-losing-dollar30000-inbitcoin/

  1. https://www.investopedia.com/terms/p/panicselling.asp
  2. http://fortune.com/2017/12/09/how-secure-is-bitcoin-really/
  3. http://fortune.com/2017/12/09/how-secure-is-bitcoin-really/
  4. http://fortune.com/2017/11/25/lost-bitcoins/
  5. http://newsinfo.iu.edu/web/page/normal/14627.html
  6. https://www.ncbi.nlm.nih.gov/pubmed/19934011
  7. https://www.newsweek.com/man-accidentally-threw-bitcoin-worth-108m-trash-says-theres-no-point-crying-726807
  8. https://www.businessinsider.com/bloomberg-matt-miller-bitcoin-gift-stolen-2013-12?IR=T
  9. 10.https://books.google.co.za/books?id=CEsPDAAAQBAJ&pg=PT33&lpg=PT33&dq=never+reveal+your+private+key&source=bl&ots=gyjXjSPcef&sig=QFel328csaJOwURYqv0xIqxEiIY&hl=en&sa=X&ved=2ahUKEwi2p9-R1NjcAhWKAsAKHWFlDaQ4FBDoATABegQICRAB#v=onepage&q=never%20reveal%20your%20private%20key&f=false
  1. https://www.cnbc.com/2017/10/13/jamie-dimon-says-people-who-buy-bitcoin-are-stupid.html
  2. https://www.coindesk.com/bitcoin-not-says-goldman-sachs-ceo/
  3. https://www.investopedia.com/terms/p/panicselling.asp
  4. http://psiexp.ss.uci.edu/research/teaching/Tversky_Kahneman_1974.pdf
  5. http://www.worldometers.info/world-population/
  6. https://www.thetimes.co.uk/article/bitcoin-will-become-the-worlds-single-currency-tech-chief-says-66slm0p6b
  7. https://www.marketwatch.com/story/this-is-how-much-money-exists-in-the-entire-world-in-one-chart-2015-12-18
  8. https://www.investopedia.com/news/what-happens-bitcoin-after-all-21-million-are-mined/
  9. http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0078433
  10. 20.https://cdn2.hubspot.net/hubfs/4345106/crypto_aml_report_2018q2.pdf?submissionGuid=c1fe7e19-644d-4906-a384-97a620db0189
  1. https://midlifecroesus.com/2018/01/offline-storage-cold-storage-coinbase/
  2. 22.https://www.researchgate.net/publication/228460925_An_Examination_of_Internet_Fraud_Occurrences
  1. https://publications.parliament.uk/pa/cm201719/cmselect/cmpubacc/399/399.pdf
  2. https://duo.com/assets/pdf/Duo-Labs-Dont-At-Me-Twitter-Bots.pdf
  3. https://www.behavioraleconomics.com/the-be-guide/the-behavioral-economics-guide-2018/
  4. https://support.blockchain.com/hc/en-us/articles/211162263-Can-my-transaction-be-canceled-or-reversed-
  5. https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/
  6. https://www.bleepingcomputer.com/news/security/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses/
  7. https://www.sciencedirect.com/science/article/pii/S0960982211011912
  8. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC1693418/pdf/15347528.pdf
  9. https://www.bleepingcomputer.com/news/security/hackers-hijack-dns-server-of-blackwallet-to-steal-400-000/
  10. https://www.coindesk.com/bitcoin-gold-wallet-scam-nets-3-million-illicit-earnings/
  11. http://www.wrbrpapers.com/static/documents/April/2015/12.%20Anne.pdf
  12. 34.https://static1.squarespace.com/static/52853b8ae4b0a6c35d3f8e9d/t/528d269be4b0ce6fb73c1ceb/1384982171174/detecting-the-trustworthiness-of-novel-partners-in-economic-exchange.pdf
  1. http://howoldisbitcoin.com/
  2. http://www.dailymail.co.uk/news/article-5669481/Family-friends-mourn-death-crypto-currency-billionaire-Matthew-Mellon.html
  3. https://www.coloradoelderlaw.com/blog/2017/09/accessing-bitcoin-wallets-in-estate-administration.shtml
  4. https://www.usatoday.com/story/money/personalfinance/2015/07/11/estate-plan-will/71270548/
  5. https://www.researchgate.net/publication/233662306_Death_Anxiety_A_Cognitive-Behavioral_Approach
  6. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4752450/
  7. https://www.frontiersin.org/articles/10.3389/fpsyg.2018.00913/full