Nexo follows strict internal security practices aimed at keeping your cryptocurrency safe. It is, however, important that you also take certain precautions to ensure that you are the only person with access to your account. If someone gains access to your account, your cryptocurrency may be at risk.
Some of the most common methods that scammers may use to gain access to and perform unauthorised transactions on your Nexo account are explained below:
1. Account takeovers: Nexo relies on your email address for communication with you. If someone gains unauthorised control over it, they could potentially gain access to your Nexo account. It is therefore important to make sure that you have strong security on your email and Nexo account.
2. Phishing: This is when you are tricked into revealing personal information, such as usernames, passwords or other sensitive information. Phishing can take many forms, for example:
- Emails: You may receive an email that appears to be from Nexo but was actually sent by a scammer, asking you for information or leading you to a fraudulent website.
- Phishing websites: These websites are set up to look like Nexo’s website, but everything entered there (like your username and password) gets recorded in order for scammers to access your actual Nexo account. In some cases, these websites are promoted by running adverts that look like they’re taking you to the legitimate Nexo website.
- Phone scams: Someone may call you, pretending to be from Nexo, asking you to provide your username, password and other information in order to access your Nexo account.
- SMS / instant messaging scams: In this case, a fraudster will send you a message purporting to be from Nexo and prompting you to share your username, password or other information, or to select a link.
Nexo will never call, email or SMS/instant message you and ask you for your password. If anyone contacts you claiming to be from Nexo and asks for this information, you should end communication and get in touch with us by our support using 24/7 live chat.
3. Malware: This is an advanced method where scammers gain access to your devices through sophisticated software programs that allow them to take control of your computer, steal your passwords or other sensitive information.
4. Identity theft: This is when someone obtains access to your personal information and pretends to be you in order to, for example, open an account in your name and/or transact on your account. Identity theft may occur when your identification document, passport or other information is stolen (either physically, through phishing or by other forms of social engineering). There is also a risk of identity theft taking place when your device is stolen.
Measures you should take:
Transactions in cryptocurrencies are irreversible, which means that losses due to fraudulent or accidental transactions are not recoverable. It is therefore very important that you understand how to identify and avoid falling victim to these types of attacks. Here are some precautions you can take:
- Strong password security: Use a unique, strong password with at least 16 characters and never share it or reuse it on other websites. Password managers make it easy to generate and store strong passwords. Nexo recommends LastPass, but there are several alternatives.
- Enable two-factor authentication (2FA): This is an added level of security that requires a unique code every time you log in to an account. The code is generated by your device, which is required in addition to your username and password.
- Protect your email account: Keep your email account secure to ensure that nobody can access your Nexo account through your email account. Most email providers support 2FA.
- Don’t share sensitive information: Nexo employees will never ask you for your password, 2FA code or ask you to authorise transactions.
- Check the URL: Before signing into Nexo or clicking an advert, ensure that you are on www.nexo.io
- Check the email domain: Any communication from Нexo will come from a @nexo.io.
- Lock your account: If you suspect your account has been compromised, contact our support immediately using our 24/7 live chat.
If your account has been compromised:
If you believe your account has been compromised, please let us know by contacting us using 24/7 live chat as soon as possible.
Nexo cannot be held responsible for a loss of funds where you have fallen victim to one of these attacks as stated in our Wallet Terms & Conditions, but we will do everything we can to assist you.