One of the most prominent promises of blockchain-based technology and cryptocurrencies is their security.
However, over the past few years, we’ve seen hundreds of reports of investors and traders losing their valuable crypto savings, and the reasons vary. From improper private key management, hacked exchanges, and phishing scams, there are plenty of ways bad actors can go about attacking your savings and potentially stealing them.
In Bitcoin and crypto, you’re your own bank. However, unlike traditional banking, the main disadvantage is that in almost all cases, once the digital currencies leave your wallet – there is no way to return them. There’s no insurance.
This is why it’s of paramount importance to do everything possible to guarantee the safety of your crypto holdings.
Your Cryptocurrency is Only as Secure as Your Wallet
Users need to understand that the threat to their cryptocurrency is not through the blockchain but rather through their wallet or exchange. Information can be tracked and stored at the provider level, and this includes your private key. This can then be accessed by hackers, enabling them to steal your savings.
The competition between the different digital wallets is growing, as the number of people using cryptocurrencies is also on the rise.
This is why it’s becoming crucial for users to be very selective when it comes to the wallet they use. As a general rule of thumb, you should only use cryptocurrency wallets that are developed by reputable companies with a proven track record. For this, you can visit our trusted crypto wallets guide or check the seven best non-custodial crypto wallets.
However, after you’ve done that, there are many things you can do to guarantee the safety of your Bitcoin and other cryptocurrencies. Here are nine tips you absolutely must know and abide by.
Don’t Put All Eggs in One Wallet: Also, Use Cold Storage
Not only is this a great practice when it comes to investing, but also when it comes to security. You should never put your entire cryptocurrency stack in a single wallet, even if you’re using hot or cold storage.
The best way to go about it is to use multiple cryptocurrency wallets and distribute your savings in a way that won’t affect you so much if one of them is compromised.
The usage of cold storage devices is strongly recommended. These wallets are not connected to the internet and, as such, are almost impossible to hack unless you fall victim to a phishing scam, which is also discussed down below. The most popular brands are Trezor and Ledger.
Be Careful With Your Mobile Device and PC
A lot of the cryptocurrency wallets also come with a mobile application, and that’s one of the things that hackers tend to exploit.
When it comes to managing the security of your mobile-based wallets, there are three things of significant importance:
- Never use public Wi-Fi. Hackers can breach the devices connected.
- Turn off your auto-updates for both applications and the device operating system (OS). Make sure you stay up to date, however, in case a security breach is discovered – you better allow some time before updating.
- Always use a 2-Factor Authenticator (2FA) when applicable. This is a timely changing code, and the most popular app in this field is Google Authenticator. This second layer of security will require a code for every login to your wallet or account. It ensures that without physical access to your device (or hacking it), it will be impossible to log in.
- Password-protect your device, so in case it’s stolen, your apps, and especially the 2FA app, will be out of reach.
- Never auto-save crypto-related passwords when offered by Google Chrome and any other password-saving tools.
- Protect your PC and phone with an up-to-date antivirus tool.
One more thing you can consider if you’re heavily into trading is purchasing another mobile device or PC that you will use only for cryptocurrency purposes. This device should be clean of any applications, as any app with ill-considered permissions can become a target point for hackers and a potential breach.
In continuation of the above, it’s critical to move your cryptocurrency out of a device that needs servicing. This could include things such as software updates, hardware updates, and so forth.
You should also never leave your device unattended and in no cases lend it to anyone. Even if the person you give the device is a trusted party, they might accidentally do something to it that would compromise its security, albeit intended it or not.
Backup Your Wallets
As a main rule, you should always store your wallet’s private keys offline. This way, they can’t be accessed by hackers. It’s also paramount to have backups of these private keys – also stored offline.
Besides, It’s highly recommended that you store a backup of your keys outside of your home as well – this way, you will have access to them in case of an incident such as a fire, earthquake, or whatever else might jeopardize the integrity of your home.
Although this might sound surprising, a recommended place to store your private key would be your bank’s safe. Of course, this should only be a backup – you should always have access to your private keys at your convenience.
Beware of Phishing Scams
Phishing scams are growing in popularity over the past couple of years as more and more people get involved in the cryptocurrency field.
There are many ways someone can compromise the security of your device, including through faux Google, Facebook, and YouTube ads, fake applications wrongly uploaded to the App Store and the Google Play Store, phishing domains that mimic popular and existing websites, and so forth.
Once you send your private key to a phishing scam website, you can rest assured that your cryptocurrency holdings will be gone within minutes, if not seconds. The worst thing is that these are usually very elaborate, and even people with experience might fall for them as the details are sometimes so hard to spot. They usually look exactly like the original.
That’s why it’s critical to never visit websites you don’t trust or fall out of the scope of your computer’s protection. Double- and triple-check the applications that you download and be 100% sure that they are the official ones and not fake.
We have reported about an unfortunate user who downloaded a look-alike app of the famous Exodus crypto wallet. This incident ended up with him quickly losing almost $80,000 worth of Ethereum (ETH) and NEO coins.
Double-Check the Destination Address
One of the challenges that cryptocurrency users face is that if they get the address wrong, the funds might be lost indefinitely with no way of recovering them.
This is why you should always triple-check the address that you send any payment transaction. There are also malicious programs that can edit a simple “copy and paste” procedure, so you end up pasting a different address that belongs to the bad actor.
A common way to guarantee the safety of your transfer is to first send a micropayment and then send the entire amount.
Check the URL Locks
When using a web wallet, you should ensure that there is an SSL security mark in the address window of your browser. This stands for a secure site seal and ensures that your browsing is encrypted.
The website should begin with HTTPS rather than HTTP, and you should notice a lock sign next to the URL.
Avoid Storing a Large Portion of Your Crypto on Exchanges
While a lot of the exchanges that are currently leading the market are considered safe and even have insurance, it’s never a wise idea to leave the bulk of your crypto on exchanges.
Remember, not your keys = not your bitcoin!
You should never keep more than what you need to trade with on exchanges because if it gets hacked, your money is as good as gone. We’ve already seen plenty of big-name exchanges, the most recent of which KuCoin, fall victim to hackers. Besides exchanges getting hacked, your crypto might be jeopardized if the company that runs the platform is subjected to law enforcement.
Keep Your Holdings Private
There’s a common saying in the cryptocurrency field about the old-fashioned $5 wrench attack. What this means is that someone can threaten your health or your life with a wrench that costs $5 from most stores and get you to give him your private keys.
While you can use technologies such as multi-signature wallets and so forth, the attacker won’t really care in most cases.
This is why it is absolutely paramount to never brag and flaunt your cryptocurrency holdings to anyone. Nobody needs to know exactly how many bitcoins you own or that you own any at all. Keep it to yourself, and there’s no way you will get targeted for that.