Neutrality & Non-Affiliation Notice:
The term “USD1” on this website is used only in its generic and descriptive sense—namely, any digital token stably redeemable 1 : 1 for U.S. dollars. This site is independent and not affiliated with, endorsed by, or sponsored by any current or future issuers of “USD1”-branded stablecoins.


Welcome to USD1cybersecurity.com

USD1cybersecurity.com is an educational page about cybersecurity (protecting devices, accounts, and digital systems from attack) as it relates to USD1 stablecoins. Throughout this page, the phrase USD1 stablecoins means any digital token designed to be redeemable one for one for U.S. dollars. The wording is intentionally generic and descriptive: it does not imply a single issuer, platform, wallet, exchange, or official product.

Most USD1 stablecoins circulate on a blockchain (a shared ledger that many computers keep in sync). A blockchain uses cryptography (math-based security methods) to let people prove ownership and authorize transfers with digital signatures (tamper-evident approvals created with a private key). That technical stack is powerful, but real-world security still depends on the human and software systems around it.

Cybersecurity matters for USD1 stablecoins because many transfers are effectively irreversible once confirmed, and attackers can move quickly when they obtain signing authority. In practice, the most common failures are not cryptographic breaks (defeating the underlying math). They are mistakes and compromises at the edges: phishing, device malware, unsafe recovery secrets, and confusing transaction prompts.

This guide aims to be practical and balanced. It explains common risks, typical safeguards, and tradeoffs for individuals, teams, and builders. It does not provide investment advice or legal advice, and it does not attempt to rank specific providers. Security always depends on context: how you hold USD1 stablecoins, which network you use, what software touches your keys, and what kind of adversary (attacker) you might realistically face.

What this page covers

Cybersecurity for USD1 stablecoins can be understood as three overlapping layers:

  1. People and processes: how humans approve actions, store secrets, and respond to suspicious events.
  2. Devices and accounts: phones, laptops, browser extensions, email accounts, and identity systems used to access services.
  3. Protocols and code: wallet software, smart contracts (software that runs on a blockchain), and infrastructure like bridges (systems that move tokens between networks).

Problems can occur in any layer. A strong blockchain does not help if a user signs a malicious approval on a compromised laptop. Likewise, excellent personal device security does not help if a smart contract has a critical bug.

This page focuses on security questions that come up often for USD1 stablecoins:

  • How do attackers steal USD1 stablecoins in practice?
  • What are the differences between self-custody and custody from a security standpoint?
  • What do approvals mean, and why do they matter?
  • What changes when USD1 stablecoins are used inside DeFi (decentralized finance, meaning financial services built on smart contracts)?
  • What are reasonable security controls for businesses handling USD1 stablecoins?

If you are looking for price commentary, token promotions, or issuer claims, you will not find them here. The goal is to help you think clearly about risks.

A threat model for USD1 stablecoins

A threat model (a structured way to think about what can go wrong, who might cause it, and how) is the best starting point. Without it, security becomes a random list of tips. With it, you can focus on the threats that match your real exposure.

A simple threat model for USD1 stablecoins usually starts with these questions:

  • What are you trying to protect?
  • What could cause loss or harm?
  • How likely is each scenario?
  • What controls reduce the risk, and what tradeoffs do they introduce?

The NIST Cybersecurity Framework is a useful reference because it describes cybersecurity outcomes in plain language rather than prescribing tools, making it adaptable to many situations.[1]

What you are protecting

For most users, the asset is not just the token balance. The true asset is the ability to authorize spending. That authorization often comes from a private key (a secret number that allows you to sign transactions) or from access to an account at a custodial service (a provider that holds funds on your behalf).

You may also need to protect:

  • Recovery factors: seed phrases (a list of words that can recreate a wallet), backup codes, or device recovery keys.
  • Identity channels: email accounts, phone numbers, and authenticator apps used for login.
  • Payment intent: invoices, payment requests, and the destination addresses associated with them.
  • Reputation and privacy: transaction histories that could be tied back to a real person or company.

Common adversaries

The most common adversaries are financially motivated and operate at scale. Typical categories include:

  • Phishers (attackers who trick you into clicking a link or entering a secret): often impersonate exchanges, wallet support, or a colleague.
  • Malware operators (people who run malicious software): try to steal login sessions, clipboard contents, or wallet secrets.
  • Account takeover groups: specialize in stealing login sessions and bypassing weak authentication.
  • Insider threats (trusted people misusing access): relevant for teams with shared wallets or payment operations.
  • Sophisticated attackers: less common, but can target high-value holders with custom malware and long-term social engineering.

The main trust boundaries

A trust boundary (where trust assumptions change) is where many incidents happen. With USD1 stablecoins, key trust boundaries include:

  • The device screen: you must trust what you see when approving a transaction.
  • The wallet software: you must trust it to show the true spender and destination.
  • The web page you are connected to: you must trust it not to trick you into approvals.
  • The custody platform: you must trust its internal controls, detection systems, and support processes.
  • The network and smart contract: you must trust the token contract rules and the network consensus (how the network agrees on the ledger).

Key concepts and jargon, explained

The vocabulary around blockchains and USD1 stablecoins can make simple ideas sound mysterious. These concepts show up in most security discussions.

Wallet basics

  • Wallet (software or hardware that helps you manage keys and sign transactions): a wallet can be a mobile app, a browser extension, or a dedicated device.
  • Self-custody (you control the keys directly): you gain independence but also carry full responsibility for mistakes and backups.
  • Custody (holding assets for someone else): a custodial provider can move funds if their internal controls allow it, so you are trusting their security.
  • Seed phrase (a human-readable recovery secret, often 12 to 24 words): if someone gets it, they can usually take the funds.
  • Private key (the secret used to sign): it proves authority to spend.
  • Public address (the destination label others use to send funds): it is not secret, but it can reveal patterns about you.

Network and transaction basics

  • Network (a set of computers following the same blockchain rules): different networks are not automatically compatible.
  • Transaction (a signed instruction recorded on a blockchain): it can transfer USD1 stablecoins, grant approvals, or call smart contracts.
  • Confirmation (a sign that the network accepted the transaction): more confirmations generally mean less chance of reversal on networks where reorganization (rewriting a small part of recent history) can occur.
  • Block explorer (a website that shows transactions and balances): useful for verification, but also a source of privacy leakage.

App and account security basics

  • Session (a temporary login state stored in a browser or app): if stolen, an attacker may act as you without knowing your password.
  • Password manager (software that stores strong passwords securely): reduces password reuse and, because it offers saved credentials only on the exact domain they were saved for, helps expose look-alike login pages.
  • Multi-factor authentication (MFA) (a second login step beyond a password): often based on an authenticator app, a hardware key, or a passkey (a phishing-resistant login method using cryptography). SMS and authenticator-app codes can be relayed in real time by a phishing page; hardware keys and passkeys are bound to the site's origin, so a look-alike domain cannot reuse them.
  • Social engineering (tricking people into doing unsafe things): often uses urgency, authority, and fear.

CISA promotes MFA as a high-impact control for both personal and business accounts because it limits damage from stolen passwords and many common phishing attempts.[2]

NIST digital identity guidelines provide terminology and requirements for authentication strength, including considerations for phishing resistance and recovery design.[4]

Smart contract basics

  • Smart contract (software deployed to a blockchain): it can hold and move tokens according to rules, but bugs can create loss.
  • DeFi (decentralized finance, meaning financial services built on smart contracts): introduces additional smart contract and integration risk.
  • Token approval (permission for a smart contract or service to spend tokens for you): some approvals are unlimited, which can be risky.
  • Bridge (a system that moves tokens between networks): concentrates value and complexity.

Common attack paths

Most thefts of USD1 stablecoins do not begin with an attacker defeating blockchain cryptography. They begin with a human mistake, a compromised device, or a malicious approval. Understanding the patterns makes them easier to spot.

Phishing and fake support

Phishing (fraudulent messages that try to steal secrets) is one of the highest-return attack methods. Attackers register look-alike domains, buy ads, or send messages that appear to come from customer support. Common goals include:

  • Stealing login credentials for a custody platform
  • Capturing a seed phrase through a fake "recovery" page
  • Getting a wallet connection and prompting a harmful approval

CISA provides consumer guidance on recognizing and reporting phishing and emphasizes skepticism toward urgent requests and careful link checking.[3]

SIM swap and phone number takeover

A SIM swap (fraud where an attacker convinces a mobile carrier to move your phone number to their device) can defeat SMS-based login codes and password resets. Once the attacker controls the phone number, they can often intercept account recovery flows for exchanges, email providers, and messaging apps. This is not unique to USD1 stablecoins, but it is especially damaging when the compromised account controls withdrawals.

Malware and remote control

Malware (harmful software) can take many forms. Some steal browser sessions, some replace copied addresses, and some install remote access tools (allowing an attacker to operate your computer from afar). In crypto-related thefts, attackers often aim to alter what the user sees long enough to get a signature or approval.

Approval drainers

A drainer (a scam site designed to trick a user into granting approvals) may look like an airdrop claim, a support fix, or a new feature. Once an approval is granted, the attacker can pull USD1 stablecoins later, sometimes minutes or hours after the user closes the tab. This is why approvals matter as much as transfers.

Address poisoning and payment diversion

Address poisoning (an attacker sending small or zero-value transfers from addresses whose first and last characters match one you use regularly, so the look-alike appears in your recent history) tries to pollute wallet history so the user copies the wrong destination later. Payment diversion can also occur through:

  • Compromised vendor email (BEC)
  • Tampered QR code on a website
  • Altered deposit address in a browser due to malicious extensions

Software and dependency risk

Even when users do everything right, apps can fail. Weak access control, insecure design, and vulnerable dependencies show up across industries, including crypto apps. OWASP publishes a widely used list of common web application risk classes that map well to wallet and payment apps.[5]

Wallet and key security

When people say they "lost their USD1 stablecoins," the root cause is often that an attacker gained signing authority or that a recovery secret was exposed. Wallet security is therefore largely key management (how keys are created, stored, backed up, and used).

Hot wallets, cold storage, and hardware wallets

A hot wallet (a wallet connected to the internet) is convenient for frequent use, but it is exposed to malware on the device and to phishing risks in the browser. Cold storage (keeping keys offline) reduces online attack surface, but it introduces physical security and backup risks. A hardware wallet (a dedicated device that stores keys and signs transactions) is one approach that tries to combine usability with stronger isolation from malware: the private key never leaves the device, and the device's own screen shows the destination and amount it is about to sign, independent of a possibly compromised computer.

There is no universally best option. The right choice depends on what you are optimizing for:

  • Regular activity: convenience and speed, with strong device controls and careful approvals
  • Larger balances: stronger isolation and more deliberate workflows
  • Team-controlled funds: stronger governance, shared approvals, and formal processes

Multi-signature and shared control

Multi-signature (requiring more than one approval to move funds) can reduce single-person failure. It can help with:

  • Insider risk, by limiting what one person can do alone
  • Phishing risk, by making one stolen key insufficient
  • Operational mistakes, by encouraging review before funds move

MPC (multi-party computation, where the key exists only as separate shares held by several participants and signing happens jointly without ever assembling the full key in one place) is another pattern often used by institutional custody providers. It can provide similar shared-control benefits with different operational tradeoffs.

The seed phrase problem

Seed phrases are powerful because they can restore a wallet even if a phone is lost. They are also dangerous because they are single points of failure. If a seed phrase is photographed, stored in a cloud note, pasted into a chat, or typed into a fake support form, an attacker can often drain USD1 stablecoins quickly.

Many real incidents share the same story: the attacker did not break cryptography, they obtained the seed phrase through deception.

Session hijacking and wallet connections

Many modern apps use wallet connections (a feature where a web page asks a wallet to approve a login or a transaction). Attackers can abuse this by:

  • Trick-signing: asking for a signature that looks like a harmless login or verification message but is actually a spending authorization (for example a gasless permit signature that grants a token allowance, which the attacker then submits on-chain themselves)
  • Session theft: stealing browser session data so they can act as you on a site
  • Transaction simulation spoofing: displaying reassuring previews that do not match what will happen

In other words, the security boundary is often the screen you are looking at, not the blockchain.

Device security still matters

Even though signatures are cryptographic, the device that creates the signature is a common failure point. If malware can alter what you see, it can lead you to approve the wrong destination or a harmful approval. General cyber hygiene still provides real protection:

  • Keeping operating systems and browsers current reduces exposure to known vulnerabilities.
  • Using a password manager reduces password reuse and makes phishing pages easier to spot.
  • Using phishing-resistant MFA reduces account takeover.

CISA emphasizes MFA as a practical baseline control and provides guidance for turning it on across consumer accounts.[2]

Transaction safety and address mistakes

A transaction is straightforward in concept but easy to get wrong in practice. The most common failures involve sending to the wrong place or using the wrong network.

Wrong address and address verification

Addresses are long, so users copy and paste. Attackers exploit this in multiple ways:

  • Clipboard hijacking (malware replacing copied text): swaps the intended address for an attacker address.
  • Address poisoning: sends small transfers from look-alike addresses so they appear in history.

Both patterns rely on humans glancing at a few characters rather than verifying the full destination; matching only the first and last characters is exactly what poisoning is designed to survive. Comparing the full address, using an address book entry that was verified once through a separate channel, and reading the destination on a hardware wallet's own display (which shows what the device will actually sign) all help, but none are perfect.
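
The following is an added example, not code from the original page, showing how a wallet or payments team can detect the two patterns above in software: a look-alike check that flags history entries sharing the visible prefix and suffix of a trusted address (the address poisoning pattern described earlier), and a destination check that compares the full address against an address book instead of a glance at a few characters. All addresses and history entries are constructed sample data, and the prefix and suffix lengths are assumptions about what a person typically glances at.

```python
"""Look-alike destination check for a wallet's transaction history.

Added example, not code from the original page. The addresses, address book
and history entries below are constructed sample data, not real accounts.
"""
from dataclasses import dataclass

PREFIX_CHARS = 6   # hex characters after "0x" that people usually glance at (assumption)
SUFFIX_CHARS = 4   # hex characters at the end that people usually glance at (assumption)


@dataclass(frozen=True)
class Transfer:
    counterparty: str   # address on the other side of the transfer
    amount: int         # token base units; poisoning dust is tiny or zero
    direction: str      # "in" or "out"


def normalize(address: str) -> str:
    """Validate the 0x-prefixed 20-byte form and lower-case it for comparison."""
    if not address.startswith("0x") or len(address) != 42:
        raise ValueError(f"malformed address: {address!r}")
    int(address[2:], 16)  # raises ValueError on non-hex characters
    return address.lower()


def looks_alike(a: str, b: str) -> bool:
    """True when a and b share the visible prefix and suffix but differ inside.

    This is the shape an address-poisoning attacker aims for: a glance at the
    first and last few characters cannot tell the two apart.
    """
    a, b = normalize(a), normalize(b)
    if a == b:
        return False
    return (a[2:2 + PREFIX_CHARS] == b[2:2 + PREFIX_CHARS]
            and a[-SUFFIX_CHARS:] == b[-SUFFIX_CHARS:])


def poisoning_candidates(history, address_book):
    """Return (history address, trusted address) pairs that look alike.

    A trusted address itself is never flagged; only counterparties that mimic
    one are, which is the classic poisoning pattern.
    """
    trusted = sorted({normalize(a) for a in address_book.values()})
    flagged = []
    for t in history:
        cp = normalize(t.counterparty)
        if cp in trusted:
            continue
        for known in trusted:
            if looks_alike(cp, known):
                flagged.append((t.counterparty, known))
                break
    return flagged


def verify_destination(destination: str, address_book: dict, label: str) -> bool:
    """Require a full-address match against the address-book entry for label.

    Comparing the whole address, not a prefix/suffix glance, is the control
    that defeats both poisoning and clipboard substitution.
    """
    return normalize(destination) == normalize(address_book[label])


# Constructed sample data: a trusted vendor address, a poisoning address that
# copies its visible prefix and suffix, and an unrelated counterparty.
VENDOR = "0x1a2b3c" + "0" * 30 + "d4e5"
POISON = "0x1a2b3c" + "f" * 30 + "d4e5"
OTHER = "0x" + "9" * 40

ADDRESS_BOOK = {"vendor": VENDOR}
HISTORY = [
    Transfer(VENDOR, 1_000_000, "out"),  # genuine payment to the vendor
    Transfer(POISON, 0, "in"),           # zero-value dust from the look-alike
    Transfer(OTHER, 250_000, "in"),
]

if __name__ == "__main__":
    for cp, known in poisoning_candidates(HISTORY, ADDRESS_BOOK):
        print(f"POISONING CANDIDATE {cp} mimics trusted {known}")
    print("pasted address is the vendor:", verify_destination(POISON, ADDRESS_BOOK, "vendor"))
```

The poisoning entry passes any prefix-and-suffix glance and fails the full-address check; that gap is the whole attack, and the address book is only as good as the one-time, out-of-band verification of the entry stored in it.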

Wrong network and token confusion

USD1 stablecoins can exist on different networks. Some are native deployments and some are wrapped (represented by a token that stands in for value locked elsewhere). If you send to an incompatible network or to a contract that cannot handle the token type, you can create loss.

This is not only a consumer issue. Businesses accepting USD1 stablecoins should be explicit about which network they support and how they confirm receipt.

Fee pressure and urgency tricks

Attackers introduce urgency: "approve now or you will lose access." In blockchain contexts, fee settings can also create anxiety because the user sees pending status for a while. That anxiety is a lever for social engineering, pushing users toward risky shortcuts or untrusted services.

CISA phishing guidance notes that urgency and fear are common themes in scam messaging.[3]

Smart contracts, DeFi, and approvals

If you only hold USD1 stablecoins in a simple wallet and send occasional transfers, your primary risks are phishing and device compromise. If you use USD1 stablecoins in DeFi, your risk expands to include smart contract behavior and integration risk.

Smart contract bugs

Smart contracts are software, and software can have bugs. Common bug classes include:

  • Reentrancy (a contract makes an external call before updating its own state, so the callee can call back in and repeat the operation against stale balances)
  • Access control failures (bugs that let unauthorized users call administrative functions such as minting, pausing, or upgrading)
  • Arithmetic mistakes (errors in how values are calculated, including rounding and unit or decimals confusion)
  • Oracle manipulation (a contract trusts a price or data feed that an attacker can move, for example a thinly traded spot price)

Security reviews and audits (independent examinations of code for vulnerabilities) reduce risk but do not guarantee safety. Over time, teams learn that conservative design and operational maturity matter as much as code review.

ENISA has noted that traditional security practices like key management remain important for blockchain systems, while new challenges appear around smart contract management and consensus risks.[6]

Token approvals and unlimited allowances

The common fungible-token standard (ERC-20 and its equivalents on other networks) requires an approval (an allowance you set for a spender) before a smart contract can move your tokens with transferFrom. This is normal, but it creates a specific attack surface:

  • A malicious app can request an approval that lets it take USD1 stablecoins later, long after you have closed the page.
  • A legitimate app can be hacked, and previously granted approvals become the attacker path.
  • Unlimited approvals (an allowance set to the maximum integer value) put your whole balance at risk, including anything you deposit later.

Because approvals often look boring, users accept them without scrutiny. For USD1 stablecoins, that can turn a small interaction into a large loss. Reviewing live approvals periodically and revoking the ones you no longer need (an approval is revoked by setting the allowance back to zero) limits how long a forgotten approval stays exploitable.
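
As an added example (not code from the original page), the script below reviews a wallet's outstanding allowances from Approval event data, which is how an approval review or a drainer clean-up is actually done: replay the events per spender (approve overwrites rather than adds), drop revoked allowances, and rate the rest by whether they are unlimited, exceed the current balance, or belong to a spender you do not recognise. The owner, spender addresses, balance, event records and the 6-decimal assumption are all constructed, and the "unlimited" floor is a judgement call rather than a standard value.

```python
"""Outstanding ERC-20 allowance review from Approval events.

Added example, not code from the original page. The events, addresses and
balance below are constructed; nothing is fetched from a network.
"""

MAX_UINT256 = 2**256 - 1
# Allowances at or above this are treated as effectively unlimited; some apps
# request 2**255 or similar rather than the exact maximum (assumed threshold).
UNLIMITED_FLOOR = 2**200


def allowance_snapshot(events, owner):
    """Replay Approval(owner, spender, value) events in log order.

    ERC-20 approve() overwrites the previous allowance rather than adding to
    it, so the most recent event per spender wins. Some implementations lower
    the allowance on transferFrom without emitting Approval, so the result is
    an upper bound on what each spender can still pull.
    """
    owner = owner.lower()
    current = {}
    for ev in events:
        if ev["event"] != "Approval" or ev["owner"].lower() != owner:
            continue
        current[ev["spender"].lower()] = ev["value"]
    return current


def review_allowances(events, owner, known_spenders, balance):
    """Rate every live allowance so the owner knows what to revoke first.

    An allowance is revoked on-chain by calling approve(spender, 0).
    """
    known = {a.lower(): label for a, label in known_spenders.items()}
    findings = []
    for spender, value in allowance_snapshot(events, owner).items():
        if value == 0:
            continue  # already revoked
        label = known.get(spender, "UNKNOWN")
        if value >= UNLIMITED_FLOOR:
            severity, reason = "high", "unlimited allowance"
        elif value > balance:
            severity, reason = "medium", "allowance exceeds current balance"
        else:
            severity, reason = "low", "bounded allowance"
        if label == "UNKNOWN" and severity == "low":
            severity, reason = "medium", reason + " to unrecognised spender"
        findings.append({"spender": spender, "label": label, "value": value,
                         "severity": severity, "reason": reason})
    return findings


# Constructed sample data (not real accounts). Amounts assume a 6-decimal
# token; check the real contract's decimals() before interpreting values.
OWNER = "0x" + "a" * 40
DEX_ROUTER = "0x" + "b" * 40
DRAINER = "0x" + "c" * 40
PAYROLL = "0x" + "d" * 40
BALANCE = 12_000 * 10**6

EVENTS = [
    {"event": "Approval", "owner": OWNER, "spender": DEX_ROUTER, "value": MAX_UINT256},
    {"event": "Approval", "owner": OWNER, "spender": PAYROLL, "value": 5_000 * 10**6},
    {"event": "Approval", "owner": OWNER, "spender": DRAINER, "value": MAX_UINT256},
    {"event": "Transfer", "from": OWNER, "to": PAYROLL, "value": 5_000 * 10**6},
    {"event": "Approval", "owner": OWNER, "spender": DEX_ROUTER, "value": 0},  # revoked
]
KNOWN_SPENDERS = {DEX_ROUTER: "dex router", PAYROLL: "payroll contract"}

if __name__ == "__main__":
    for f in review_allowances(EVENTS, OWNER, KNOWN_SPENDERS, BALANCE):
        print(f"[{f['severity']}] {f['spender']} ({f['label']}): {f['reason']}")
```

The revoked router allowance disappears from the report, the payroll allowance is bounded and recognised, and the unlimited allowance to an unrecognised spender is the one to revoke first; in a real review the events come from an indexer or node and the known-spender list from your own records of which contracts you deliberately use.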

Bridges and cross-network risk

Bridges concentrate value and complexity. They often involve either:

  • Custodial components (a group controls locked funds), or
  • Complex verification (a system checks events across networks)

Both patterns can fail. If your USD1 stablecoins move across networks, bridge risk should be included in your threat model.

Administrative controls and freezing

Some stablecoin contracts in the market include administrative functions such as pausing transfers, freezing addresses, or upgrading contract logic. Other implementations are minimal and do not include such controls. These choices affect cybersecurity outcomes: controls can help respond to theft in some cases, but they also create central points of authority that must be protected from abuse.

The Financial Stability Board has highlighted that stablecoin arrangements involve multiple functions and entities, and that governance and operational resilience are core considerations.[7]

Custody and service provider security

Many people interact with USD1 stablecoins through services: exchanges, payment processors, merchant tools, and custody providers. This shifts security from personal key management to platform trust.

What changes under custody

With custody, you do not directly control the private keys. The main questions become:

  • How does the provider secure its keys and signing systems?
  • What internal approvals are required for withdrawals?
  • How does the provider detect fraud and respond to incidents?
  • What controls exist against insider misuse?

Custodians often use hardware security modules (HSMs) (tamper-resistant devices that protect cryptographic keys) or MPC to reduce single points of failure. They also rely on monitoring and segregation of duties (splitting responsibilities so no single person can move funds alone).

Identity and account security

Custodial services are exposed to account takeover. A strong custody platform can still lose customer funds if attackers repeatedly trick users into revealing passwords or if recovery processes are weak.

This is why identity security and anti-phishing controls are intertwined with crypto security. The strongest cryptography does not help if a user account is taken over.

NIST digital identity guidelines explain authentication and recovery considerations that are relevant to custody platforms and any service that protects financial accounts.[4]

Platform software risk

Even if a provider secures keys well, the surrounding software stack can be vulnerable. Web apps can suffer from injection attacks (untrusted input changing the meaning of a command), broken access control, or insecure design. OWASP documents these patterns as common failure modes across web applications, including financial services and crypto services.[5]

Business and team controls

Businesses that use USD1 stablecoins face a different risk profile than individuals. The issues are less about one person losing a seed phrase and more about process failures: invoice fraud, unclear approvals, and weak separation between testing activity and real payments.

Governance and clear roles

Governance (how decisions are made and controlled) is not just paperwork. It defines who can request a payment, who can approve it, and how exceptions are handled. Mature teams treat USD1 stablecoin payments like other high-risk payment rails: they verify destinations, use dual control, and maintain logs that support audits.

The NIST Cybersecurity Framework includes a Govern function, reflecting the reality that organizational cybersecurity is guided by oversight and policy as much as technical controls.[1]

Separation of duties and dual control

Separation of duties (splitting tasks so one person cannot complete a risky action alone) is especially relevant when blockchain transfers are final. Dual control (two-person approval) reduces the chance that a compromised employee account can send USD1 stablecoins to an attacker.

This is commonly implemented through:

  • Multi-signature wallets
  • MPC workflows
  • Custody platforms with configurable approval policies
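
The block below is an added example, not code from the original page or from any multisig or custody product, of what a dual-control policy enforces in software: only enrolled signers can propose or approve, the requester cannot approve their own proposal, each person counts once, destinations must be on an approved list, amounts are capped, and nothing executes until the threshold of distinct people is reached. Signer names, the per-transaction limit and the vendor address are constructed.

```python
"""Dual-control payment policy for a team wallet.

Added example, not code from the original page or any product. In production
this logic lives in a multisig contract, an MPC policy engine or a custody
platform's approval rules; signer names and addresses here are constructed.
"""
from dataclasses import dataclass, field


class PolicyViolation(Exception):
    """Raised when an action would break the approval policy."""


@dataclass
class Proposal:
    id: int
    requester: str
    destination: str
    amount: int
    approvals: set = field(default_factory=set)
    executed: bool = False


class PaymentPolicy:
    def __init__(self, signers, threshold, approved_destinations, per_tx_limit):
        if threshold < 2:
            raise ValueError("dual control needs a threshold of at least 2")
        if threshold > len(set(signers)):
            raise ValueError("threshold cannot exceed the number of signers")
        self.signers = set(signers)
        self.threshold = threshold                  # distinct people, requester included
        self.approved = {a.lower() for a in approved_destinations}
        self.per_tx_limit = per_tx_limit
        self.proposals = {}
        self.log = []                               # append-only trail for audit
        self._next_id = 1

    def propose(self, requester, destination, amount):
        if requester not in self.signers:
            raise PolicyViolation("unknown requester")
        if destination.lower() not in self.approved:
            raise PolicyViolation("destination is not on the approved list")
        if amount <= 0 or amount > self.per_tx_limit:
            raise PolicyViolation("amount outside the per-transaction limit")
        p = Proposal(self._next_id, requester, destination, amount)
        self._next_id += 1
        self.proposals[p.id] = p
        self.log.append(("propose", p.id, requester))
        return p.id

    def approve(self, proposal_id, approver):
        p = self.proposals[proposal_id]
        if p.executed:
            raise PolicyViolation("proposal already executed")
        if approver not in self.signers:
            raise PolicyViolation("unknown approver")
        if approver == p.requester:
            raise PolicyViolation("requester cannot approve their own proposal")
        if approver in p.approvals:
            raise PolicyViolation("duplicate approval")
        p.approvals.add(approver)
        self.log.append(("approve", p.id, approver))
        return self.ready(proposal_id)

    def ready(self, proposal_id):
        p = self.proposals[proposal_id]
        return 1 + len(p.approvals) >= self.threshold  # the requester counts as one

    def execute(self, proposal_id):
        """Return the transfer the signing system may now carry out."""
        p = self.proposals[proposal_id]
        if p.executed:
            raise PolicyViolation("proposal already executed")
        if not self.ready(proposal_id):
            raise PolicyViolation("not enough distinct approvals")
        p.executed = True
        self.log.append(("execute", p.id, None))
        return {"to": p.destination, "amount": p.amount,
                "approvers": sorted({p.requester} | p.approvals)}


# Constructed sample: three signers, two-person control, one approved vendor,
# amounts in base units of an assumed 6-decimal token.
VENDOR = "0x" + "1" * 40
policy = PaymentPolicy(["alice", "bob", "carol"], threshold=2,
                       approved_destinations=[VENDOR], per_tx_limit=50_000 * 10**6)

if __name__ == "__main__":
    pid = policy.propose("alice", VENDOR, 10_000 * 10**6)
    try:
        policy.approve(pid, "alice")
    except PolicyViolation as e:
        print("blocked:", e)
    policy.approve(pid, "bob")
    print("execute:", policy.execute(pid))
```

The point of the checks in approve is that a single compromised account cannot reach the threshold on its own, whether by approving its own request or by approving twice; the append-only log is what an auditor later reconciles against the chain.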

Vendor and invoice fraud

Business email compromise (BEC) (fraud using impersonated email or messaging accounts) often targets accounts payable teams. An attacker might compromise a vendor email and send a revised invoice with a new wallet destination. If the team pays without an out-of-band check (verification through a separate channel), funds can be lost quickly.

Operational resilience

Operational resilience (ability to keep operating through disruptions) includes backups, monitoring, and rehearsed incident handling. For USD1 stablecoin payment operations, resilience also includes:

  • Clear internal escalation paths when suspicious transfers occur
  • A record of approved wallet destinations
  • Reconciliation routines that detect unexpected movements
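
As an added example rather than code from the original page, the routine below implements the reconciliation bullet above: every outbound transfer from the treasury must match exactly one approved payment, anything unmatched is an alert, approved payments never seen on-chain are also alerts, and a duplicate send of an already-matched amount is still caught. Treasury and counterparty addresses, payment references, transaction hashes and the 6-decimal amounts are constructed sample data.

```python
"""Reconciliation of on-chain transfers against an approved-payment ledger.

Added example, not code from the original page. The treasury address, ledger
rows and transfer records are constructed; in practice transfers come from a
node or indexer and the ledger from the payments system.
"""
from collections import defaultdict


def reconcile(transfers, approved_payments, treasury):
    """Match each outbound transfer to exactly one approved payment.

    transfers:         [{"tx": str, "from": str, "to": str, "value": int}]
    approved_payments: [{"ref": str, "to": str, "value": int}]
    Two approved payments with the same destination and amount are kept as two
    distinct expectations, so a duplicate on-chain send is still caught.
    """
    treasury = treasury.lower()
    pending = defaultdict(list)            # (to, value) -> [ref, ...]
    for p in approved_payments:
        pending[(p["to"].lower(), p["value"])].append(p["ref"])

    result = {"matched": [], "unexpected_outbound": [], "missing": [], "inbound": []}
    for t in transfers:
        sender, to = t["from"].lower(), t["to"].lower()
        if sender == treasury:
            refs = pending.get((to, t["value"]))
            if refs:
                result["matched"].append({"tx": t["tx"], "ref": refs.pop(0)})
            else:
                result["unexpected_outbound"].append(t)
        elif to == treasury:
            result["inbound"].append(t)    # kept for awareness, not an alert here
    for (to, value), refs in pending.items():
        for ref in refs:
            result["missing"].append({"ref": ref, "to": to, "value": value})
    return result


def has_alerts(result):
    """Anything unexpected or missing goes to the escalation path."""
    return bool(result["unexpected_outbound"] or result["missing"])


# Constructed sample data (not real accounts); amounts assume a 6-decimal token.
TREASURY = "0x" + "a" * 40
VENDOR = "0x" + "b" * 40
PAYROLL = "0x" + "c" * 40
UNKNOWN = "0x" + "d" * 40
CUSTOMER = "0x" + "e" * 40

APPROVED = [
    {"ref": "INV-1001", "to": VENDOR, "value": 7_500 * 10**6},
    {"ref": "PAY-2002", "to": PAYROLL, "value": 20_000 * 10**6},
]
TRANSFERS = [
    {"tx": "0x01", "from": TREASURY, "to": VENDOR, "value": 7_500 * 10**6},
    {"tx": "0x02", "from": TREASURY, "to": UNKNOWN, "value": 3_000 * 10**6},  # nobody approved this
    {"tx": "0x03", "from": CUSTOMER, "to": TREASURY, "value": 1_000 * 10**6},
]

if __name__ == "__main__":
    report = reconcile(TRANSFERS, APPROVED, TREASURY)
    for key in ("matched", "unexpected_outbound", "missing"):
        print(key, report[key])
    print("alerts:", has_alerts(report))
```

The unexpected outbound transfer is the signature of a compromised signer or a diverted payment, and the approved-but-missing payment is the signature of a stalled or silently dropped transaction; both should trigger the internal escalation path described above rather than wait for a monthly close.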

The FSB stablecoin recommendations emphasize governance and risk management across stablecoin arrangements, including operational risk controls.[7]

Compliance touchpoints that overlap with cybersecurity

Compliance is not the same as cybersecurity, but they overlap. Anti-money laundering (AML) (controls intended to reduce illicit financial activity) and sanctions programs can require monitoring and reporting. Those monitoring systems often share data sources and alert workflows with security teams, especially at virtual asset service providers.

FATF guidance outlines risk management expectations for virtual asset service providers, which commonly includes controls related to monitoring, suspicious activity handling, and operational governance.[8]

Building software that handles USD1 stablecoins

If you are building software that supports USD1 stablecoins, the security scope grows again. You are not only protecting funds, you are also protecting users from tricked approvals and from flaws in your own application.

Threat modeling and secure design

Threat modeling helps teams catch dangerous assumptions early. For example:

  • If your app shows a deposit address, how do you protect it from being altered by a compromised script?
  • If your app builds a transaction for the user, how do you prevent tampering in the browser?
  • If you use a third-party widget, what stops a supply chain compromise from pushing malicious code?

OWASP treats insecure design as a major category because many failures happen long before code is written, through unsafe assumptions about trust and user behavior.[5]

Authentication, sessions, and phishing resistance

For hosted apps, account takeover is a major threat. Strong passwords help, but phishing resistance is better. MFA is important, and hardware keys and passkeys are stronger than SMS codes: SMS can be intercepted through a SIM swap or relayed by a phishing page in real time, while origin-bound credentials cannot be replayed to a look-alike domain.

CISA provides consumer-friendly guidance for enabling MFA and explains why it blocks many common attacks.[2]

Handling secrets safely

If your back-end system ever handles private keys, you are dealing with high-risk key management. At that point, you should assume that:

  • Logs can leak secrets if developers are not careful.
  • Build systems can be compromised.
  • Insiders may have access they do not need.

Many teams therefore avoid holding customer keys or they use specialized custody systems with HSM or MPC. If you do hold keys, access review and controlled key rotation (planned replacement of keys) are important parts of the security story.

Web application security still applies

Crypto apps are still web apps. They still face:

  • Injection attacks
  • Cross-site scripting (XSS) (injecting script into a page)
  • Broken authorization (users accessing actions they should not)
  • Insecure dependencies (third-party libraries with known vulnerabilities)

OWASP Top 10 provides a shared vocabulary for these risks and is widely used as a foundation for secure development programs.[5]

Transaction clarity and user consent

A unique responsibility for USD1 stablecoin apps is consent clarity. Users often approve actions they do not understand because the wallet prompt is confusing. Better designs help users understand:

  • What will be spent
  • Who will receive it
  • Whether the action is a one-time transfer or an ongoing approval

Reducing confusion reduces fraud.
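
The decoder below is an added example, not code from the original page, of the consent clarity this section asks for: given the calldata a wallet is about to sign, it recognises the three ERC-20 calls users sign most often (transfer, approve, transferFrom) by their standard four-byte selectors and states in plain words what the signature authorises, marking an approval as a standing permission rather than a payment and calling out an unlimited allowance explicitly. The addresses and amounts are constructed, and the 6-decimal display assumption must be replaced by the real token's decimals() value.

```python
"""Plain-language summary of an ERC-20 call before it is signed.

Added example, not code from the original page. Decodes transfer, approve and
transferFrom calldata using their standard 4-byte selectors and states what
the signature actually authorises. Addresses and amounts are constructed; the
decimals value must come from the real token contract.
"""
from decimal import Decimal

UNLIMITED_FLOOR = 2**200   # treat any amount this large as unlimited (assumed threshold)

# First four bytes of keccak256 of each function signature (standard ERC-20).
SELECTORS = {
    "a9059cbb": ("transfer", ("to", "amount")),
    "095ea7b3": ("approve", ("spender", "amount")),
    "23b872dd": ("transferFrom", ("from", "to", "amount")),
}


def _word(data: bytes, index: int) -> bytes:
    """32-byte ABI word number index, counted after the 4-byte selector."""
    chunk = data[4 + 32 * index: 36 + 32 * index]
    if len(chunk) != 32:
        raise ValueError(f"calldata too short for argument {index}")
    return chunk


def _address(word: bytes) -> str:
    # An address is right-aligned in the word; the 12 leading bytes must be zero.
    if any(word[:12]):
        raise ValueError("non-zero padding in address word")
    return "0x" + word[12:].hex()


def decode_erc20_call(calldata_hex: str, decimals: int) -> dict:
    """Return the decoded fields plus a one-sentence summary for the prompt."""
    data = bytes.fromhex(calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex)
    selector = data[:4].hex()
    if selector not in SELECTORS:
        return {"kind": "unknown", "selector": selector,
                "summary": f"Unrecognised function 0x{selector}: do not sign "
                           "without knowing what it does."}
    name, params = SELECTORS[selector]
    out = {"kind": name, "selector": selector}
    for i, param in enumerate(params):
        word = _word(data, i)
        out[param] = int.from_bytes(word, "big") if param == "amount" else _address(word)
    out["unlimited"] = out["amount"] >= UNLIMITED_FLOOR
    shown = "UNLIMITED" if out["unlimited"] else str(Decimal(out["amount"]) / Decimal(10**decimals))
    if name == "approve":
        out["summary"] = (f"APPROVAL, not a payment: lets {out['spender']} spend {shown} of "
                          f"your tokens at any later time until you revoke it.")
    elif name == "transfer":
        out["summary"] = f"TRANSFER now: sends {shown} tokens to {out['to']}."
    else:
        out["summary"] = (f"TRANSFER FROM {out['from']}: moves {shown} tokens to {out['to']} "
                          f"using an allowance that account granted.")
    return out


# Constructed sample calldata (not from any real transaction).
DRAINER = "0x" + "c" * 40
PAYEE = "0x" + "b" * 40
APPROVE_UNLIMITED = "0x095ea7b3" + "0" * 24 + "c" * 40 + "f" * 64
TRANSFER_2500 = "0xa9059cbb" + "0" * 24 + "b" * 40 + format(2_500 * 10**6, "064x")

if __name__ == "__main__":
    for call in (APPROVE_UNLIMITED, TRANSFER_2500, "0xdeadbeef"):
        print(decode_erc20_call(call, 6)["summary"])
```

A wallet prompt that renders the summary line instead of raw hex answers the three questions above in one sentence; the unknown-selector branch matters just as much, because a drainer's custom contract will not match any known function and the honest answer then is that the user cannot tell what they are signing.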

Privacy and monitoring considerations

Blockchains are transparent by design. Many networks are pseudonymous (addresses are not names, but behavior can still be linked). Privacy is therefore a cybersecurity factor: if attackers connect an address to a real person or business, they can target them with extortion, social engineering, or physical threats.

Privacy-relevant topics include:

  • Address reuse: repeated use makes linking easier.
  • Public donation addresses: can reveal treasury balances.
  • Public salary payments: can reveal employee compensation if not designed carefully.

At the same time, transparency supports monitoring. Businesses can use on-chain monitoring tools to detect unexpected transfers, and investigators can sometimes trace stolen funds across addresses.

The goal is not to be invisible, but to be deliberate about what information you expose.

Incident response for USD1 stablecoins

Incident response (a structured way to detect, contain, and recover from security events) is different for USD1 stablecoins than for credit cards. When a credit card is stolen, it can often be canceled. When a private key is stolen, it may be impossible to revoke.

NIST describes Respond and Recover as core cybersecurity functions, reinforcing that planning for incidents is part of security, not an afterthought.[1]

Common incident scenarios

Incidents involving USD1 stablecoins often fall into a few categories:

  • Seed phrase exposure and rapid draining
  • Compromised device leading to malicious approvals
  • Account takeover at a custodial provider
  • Vendor fraud causing payment to the wrong address
  • Smart contract exploit draining pooled funds

What containment can look like

Containment (stopping the problem from getting worse) depends on the custody model:

  • Self-custody: remaining funds may be moved to a new wallet, approvals may be revoked, and devices may be isolated for investigation.
  • Custody platforms: accounts may be locked, withdrawals paused, and support teams engaged.
  • Smart contract incidents: teams may pause contracts if that control exists, or focus on communicating quickly and coordinating with exchanges.

Some stablecoin contracts can freeze addresses, but that feature is not universal and can introduce its own governance risks. Understanding the specific token design you use is part of preparedness.

Communication and reporting

Incidents often involve a fast-moving scam with multiple victims. Clear internal communication and external reporting can help. In some jurisdictions, there may be reporting obligations for certain incidents, especially for regulated financial service providers.

FATF guidance discusses risk management expectations for virtual asset service providers, which commonly includes controls that overlap with cybersecurity monitoring and incident handling.[8]

How to evaluate security claims

Security marketing can be confusing, and crypto marketing sometimes exaggerates. A more reliable approach is to look for evidence.

Signals that usually matter

  • Clear threat model: the product explains what it protects against and what it does not.
  • Transparent security architecture: custody model, key storage approach, and recovery design are described plainly.
  • Independent assessment: audits, penetration tests (authorized attempts to break a system), or credible certifications.
  • Operational maturity: incident handling processes and a track record of communicating clearly during problems.
  • Safe authentication options: strong MFA support and phishing-resistant methods.

Red flags to treat cautiously

  • Claims of being "unhackable"
  • Support channels that request seed phrases
  • Urgent messages that bypass normal verification paths
  • Complex mechanisms without clear explanation of trust assumptions

The NIST CSF's focus on outcomes rather than particular tools is a useful antidote to hype.[1]

Frequently asked questions

Are USD1 stablecoin transfers reversible?

On many blockchains, a confirmed transfer cannot be reversed the way a card charge can be disputed. Some networks can experience rare reorganizations of very recent history, but users should not rely on reversals as a safety mechanism. In general, cybersecurity controls that prevent mistakes and theft are far more reliable than hoping for undo.

Is custody safer than self-custody?

Custody can reduce some risks and increase others. Custody platforms can invest in professional security teams, HSMs, monitoring, and formal processes. At the same time, custody introduces account takeover risk and platform risk. Self-custody removes platform dependency but makes the user responsible for key management, backups, and avoiding phishing.

There is no universal answer. The safer option is the one whose risks you can manage given your situation and habits.

What is the most common way people lose USD1 stablecoins?

Phishing and social engineering are common starting points. Attackers impersonate support, send look-alike links, and pressure users to reveal a seed phrase or approve a malicious action. CISA publishes practical anti-phishing guidance that applies directly to crypto-related scams.[3]

What should a business worry about first?

For many businesses, the biggest early risks are vendor fraud, unclear approval workflows, and weak access control around payment operations. Businesses that accept USD1 stablecoins should treat wallet destinations as critical payment details and maintain processes that verify changes through separate communication channels.

The NIST Cybersecurity Framework can help teams structure their approach around governance, protection, detection, response, and recovery outcomes.[1]

Does DeFi make USD1 stablecoins less safe?

DeFi introduces additional smart contract and integration risk. Holding USD1 stablecoins in a wallet exposes you mostly to phishing and device compromise. Using USD1 stablecoins inside DeFi also exposes you to bugs in the contracts you interact with, to approval risk, and to bridge risk if funds move across networks.

Glossary

This glossary recaps key terms used on this page.

  • Address poisoning: a scam that sends small transfers from look-alike addresses to trick you into copying the wrong destination later.
  • Bridge: a system that moves tokens between networks, often a concentration of value and complexity.
  • Cold storage: keeping keys offline to reduce online attack surface.
  • Confirmation: evidence that a blockchain accepted a transaction.
  • Custody: a provider holds funds and controls the keys on your behalf.
  • DeFi: decentralized finance, meaning financial services built on smart contracts.
  • Digital signature: a cryptographic approval created with a private key.
  • Drainer: a scam site that tricks users into granting token approvals that can later be abused.
  • HSM: hardware security module, a tamper-resistant device used to protect cryptographic keys.
  • Key management: how keys are created, stored, backed up, and used.
  • MFA: multi-factor authentication, a second login step beyond a password.
  • MPC: multi-party computation, a method that splits signing across participants.
  • Phishing: fraudulent messages that try to steal secrets or trick you into unsafe approvals.
  • Seed phrase: a recovery secret, often a list of words that can recreate a wallet.
  • Self-custody: you control the private keys directly.
  • Smart contract: software deployed to a blockchain that can hold and move tokens.
  • Threat model: a structured way to think about what can go wrong and how to reduce risk.

Sources

[1] The NIST Cybersecurity Framework (CSF) 2.0

[2] CISA Secure Our World: Turn On MFA

[3] CISA Secure Our World: Recognize and Report Phishing

[4] NIST SP 800-63 Digital Identity Guidelines

[5] OWASP Top 10:2021

[6] ENISA report on blockchain technology and security

[7] FSB: High-level Recommendations for Global Stablecoin Arrangements (Final report, 17 July 2023)

[8] FATF: Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers (October 2021)