by jsheard 402 days ago
As usual it's not so much that the scams and attacks are unique to crypto, it's that crypto makes them much worse by willfully ignoring hard-earned lessons in traditional finance. Kidnapping for ransom isn't new, but what is new is that if you kidnap a known crypto whale you can instantly, untraceably and irreversibly extract most of their net worth with a bit of "convincing", without raising any alarms until it's too late.
3 comments

> it's that crypto makes them much worse by ignoring hard-earned lessons in traditional finance.

Indeed. A friend of mine manages a retail bank branch for a major US bank. She gets a few cases a week where someone appears to be a scam victim or is being coerced in some way. They want to make an unusually big cash withdrawal for their account history, or do an unusual money transfer, or something involving gift cards. She's seen all the standard scams by now, and is experienced in explaining what's going on to the victims. Often she can talk them down, or help them. Sometimes even get previously scammed money back.

A surprisingly large part of retail finance work is dealing with fraud and fixing problems. The routine transactions have been automated for years, after all. Crypto land lacks this.

Here's a bank's guide to current scams.[1]

[1] https://www.firstcitizens.com/personal/insights/security/top...

This is why some crypto people have most of their coin in multisig wallets. They can only transfer small amounts without getting m-of-n friends to sign their transaction. If your friends know not to do that without hearing a code word, then the alarm will be raised.

Another option is to keep your cold storage in a safe deposit box or private vault, so you have to physically go someplace where there are other people. An advantage of the multisig is that the criminals can verify the situation, possibly before they show up at your house.

People always say "with crypto, you are your own bank" like it's (only) a good thing and not realizing how hard it is to do right.
If people thought being their own bank was a good thing, we wouldn't have fucking banks.
Couldn't one's crypto pile be divided into multiple wallets, each with different passwords?
Sure. But if I know about how much you've got, then if I've got you, I can beat all the passwords out of you.

Worse: Even if you give me all your passwords, I may want to keep beating until I'm really sure that you're not holding anything back.

If you have enough to worry about someone beating out of you, maybe putting some into professional multiparty custodial systems and/or one or more cold wallets with trustees is a good idea. This idea scales fine with geopolitical risk.

Your "hot wallet" should be like cash, no more than you are prepared to lose/surrender at once.

Or you could just have real money in an insured bank

And your cold wallet could be the stock market or real estate or private equity

Then you're much safer and just as wealthy

None of these things are mutually exclusive. Holding a large pile of any one country's fiat is probably the dumbest move. Ownership of physical assets that generate revenue is the smartest.
And to add: Your "hot wallet" being bank-issued credit cards for everyday purchases or emergencies that you are prepared to lose/surrender the moment someone tells you to hand over your wallet.

Later log into the accounts, flip the toggle to stolen/lost and mark unauthorized purchases if there are any. Then sleep peacefully knowing new credit cards are in the mail and you are only out the cost of the physical wallet holding the cards that were stolen.

> maybe putting some into professional multiparty custodial systems and/or one or more cold wallets with trustees is a good idea.

So, you want to delegate your ability to spend your money to other people.

Why not just go to a bank? It can do that for you, plus pay you interest.

Most people of any significant wealth would have made the delegation long ago to private client banking where a team of people overlook all aspects of the accounts. So yes, you are a fool not to if you have the level of wealth proportional to having it beaten out of you in your geopolitical region.

A custodial service is a bank that operates on a different network and is not FDIC insured (which only covers $250k). It could be insured privately. The interest on an FDIC deposit account is well below true inflation of fiat currencies.

You are describing a bank!! Just put your goddamn money in a bank.
You could make passwords too long to remember. Write them down and put them in a safety deposit box.
That's when the bad guys grab one or more loved ones and threaten to do bad things to them until you retrieve the passwords.
True, but that makes for a much riskier proposition for the bad guys. The whole point of these bitcoin grabs is minimal risk.

The risk would be about the same as for any ransom scheme.