Coin IRA is fully committed to protecting the security and privacy of its customers.
Knowing how scammers target you can protect you, and we believe that heightening awareness about these tactics is the best defense. We’ve gathered some basic preventative measures that we hope can help stop you from becoming a victim.
Types of Scams
Some may be sophisticated scams involving individuals setting up websites or apps using derivatives of a legitimate company’s website address, suggesting they are affiliated with the company in some way (a subsidiary or division).
Other types of scams may be emails, phone calls or text messages that attempt to elicit your personal information or logins. These attempts by fraudsters to steal your personal and financial information through emails and phone calls is called phishing, and through text messages is called smishing. Rest assured that Coin IRA does not share or sell your name, phone number, email address or any of your personal information with a third party.
We want to alert our customers to the warning signs of phishing and smishing scams, along with steps you can take to help protect your sensitive personal information and accounts. It is important to note here that Coin IRA will never share or sell your email address or any of your information.
Examine text messages and emails closely for certain red flags that should alert you to a possible phishing or smishing attack, including:
- Text or email contains misspellings.
- Text or email has grammatical errors.
- Text or email makes unrealistic promises of substantial returns on your investment.
- Text or email creates a false sense of urgency in the user.
- Text or email requires you to disclose sensitive information, such as birth dates, passwords, and user IDs.
- Text or email threatens you with negative consequences.
- Text or email is demanding or nagging.
Take these precautions…
- Avoid immediately responding to the suspicious text message or email. If it is an email, examine the sender’s email address for subtle differences in the spelling, i.e., @cionira.com vs. @coinira.com, or emails that are from a general mailbox that does not end with @coinira.com.
- Don’t click on any embedded links or attached documents.
- Don’t provide sensitive information requested.
- Don’t call any numbers contained in a suspected phish. Go directly to a known source of contact information, such as the company’s legitimate website. For Coin IRA, call our main line at 888-998-2646 or our Customer Support line at 866-924-5421.
- Delete the email or text message (It might be a good idea to snap a photo of it first).
In general, anytime you are logging into a site where you are going to enter sensitive information, first pay attention to the address bar (URL). Be extra cautious about entering financial information into a site beginning with “http://”, with no “s” after the “p” such as in “https://”. When you connect to a server using “https”, the “s” stands for secure, and tells you the SSL protocol is being used to secure communications between a client and server.
Second, make sure there is reliable contact information on any site asking you to send money or cryptocurrency. Call the contact number (more than once) before taking the next step. If you’re still not sure, trust your gut. It might be advisable to start with a small amount or “test deposit” before sending your life savings to a company or platform you don’t know if you can trust. Make sure you can also make a withdrawal, not just a deposit. Ask what that process is. If it sounds suspect or too good to be true, it probably is.
If you receive a suspicious text or email or suspect you are being targeted by a scammer…
- Immediately call the company where you hold the account if you have any concerns that you may have become the victim of a scam. For Coin IRA, call 888-998-COIN or email us at email@example.com.
- Do not click on links in a suspicious text, email or “fraud alert”, unless you can verify that they are legitimate.
- Do not respond to a text message requesting personal or financial information like account numbers, credit card numbers, Social Security numbers, login credentials or other account information.
- Do not call a phone number contained in a suspected phish. Go directly to a known source of information for contact information, such as the company’s legitimate website. For Coin IRA, that would be https://www.CoinIRA.com.
- Do not share your online password by phone, text or e-mail. Coin IRA will never ask you for this information. If we need to verify that we are actually speaking to you, we will send a 6-digit authorization code to your cell phone on record.
- Never share your trading platform username via phone, text or e-mail, unless you initiated the outreach to Coin IRA and know with certainty you are communicating with a Coin IRA representative.
- Forward suspicious emails to Coin IRA (firstname.lastname@example.org) and forward screen shots of fraudulent text messages, emails, or websites that appear to be from Coin IRA to email@example.com.
- Coin IRA customers who believe they may have responded to a fraudulent text or e-mail and disclosed personal or account-related information should immediately change the Username and Password associated with their trading account, and should then contact us directly at 888-998-COIN or 866-924-5421 or firstname.lastname@example.org.
- Don’t click on a link that asks you to download an app that you receive in an email, text message, or direct message, or chat on social media. Only use apps that you’ve downloaded from the Apple Store or Google Play Store. Be especially suspicious of apps that only allow you to fund your account using cryptocurrency.
- Don’t give anyone personal or sensitive information such as your username, birthdate, or password.
- Don’t send money or cryptocurrency to a company or person you don’t know, especially through an app you were sent a link to download through social media such as Facebook, Instagram, or LinkedIn. Coin IRA will never ask you to send cryptocurrency to fund an account. All Coin IRA accounts are funded through our custodian, Equity Trust Company, in US dollars.
- Double check the wallet ID (public key) before you hit send when sending cryptocurrency. If you send cryptocurrency to the wrong wallet by mistake, the transaction is complete, and the cryptocurrency cannot be retrieved.
- Set up multi-factor authentication whenever possible to access your accounts, requiring you to use two or more credentials to access your account, such as your password plus something else like a 6-digit code from the Authenticator app or verification code texted to the cell phone on record. (All Coin IRA customers, without exception, must use 2-factor authentication to access their trading accounts.)
- Never share your credentials with another person, such as your login, password, or the verification code you get via text.
- Never let a stranger borrow your phone. If you are in a situation where you want to be helpful, offer to make a call for them.
If you’ve been a victim of fraud…
Report fraud to the Federal Trade Commission at https://ReportFraud.ftc.gov.
Internet fraud can be reported to https://www.ic3.gov/.
The Commodity Futures Trading Commission also has a website where you can report digital fraud: https://www.cftc.gov/LearnAndProtect/AdvisoriesAndArticles/watch_out_for_digital_fraud.html
We hope these precautionary measures are helpful in keeping you from falling victim to a scam. We welcome your questions regarding account security at 888-998-COIN, Customer Support at 866-924-5421 or email@example.com.