Crypto Security
Best practices for protecting your digital assets.
To safeguard your assets and ensure you don't fall foul to common crypto-based scams, there are a number of steps you should familiarize yourself with.
Never keep digital copies of private keys or seed phrases
Private keys and seed phrases are vitally important pieces of information for accessing and recovering a crypto wallet.
When making copies of this sensitive data, manually write the codes down on paper or use metal plate products available for recording crypto keys. These can then be secured in a fireproof or waterproof safe. Taking a screenshot, sending phrases via email, or texting them to someone are common ways cybercriminals gain access to sensitive crypto information.
Minimize assets held on crypto and DeFi platforms
Assets held on centralized crypto platforms often sit in online wallets controlled by the underlying platform, making them a target for hackers. Billions of dollars have been stolen due to poor security surrounding these wallets. It's recommended that users never hold all their funds on any single platform.
With DeFi protocols, assets are held in smart contracts that have in some cases contained exploitable loopholes. Only hold a percentage of your digital wealth in any given DeFi protocol to mitigate risk.
Enable two-factor authentication
Two-factor authentication (2FA) adds an additional layer of security to your email and crypto accounts. Apps like Google Authenticator provide passcodes that self-destruct and renew every 10 seconds. Keep backup recovery codes stored securely offline.
Avoid disclosing crypto holdings
Whether in online forums or public settings, never disclose your crypto holdings. Telling people you own crypto can make you a target for criminals. In extreme cases, individuals have been taken hostage and forced to hand over assets after criminals learned about their holdings.
Types of Crypto Wallet
Hot Wallets
Browser-based wallets like MetaMask or Coinbase Wallet are permanently connected to the internet, offering convenience but increased exposure to phishing, malware, and key theft. Private keys are stored online or on the device where the software is installed.
Cold Wallets
Physical devices like Ledger and Trezor that remain disconnected from the internet. Significantly more secure than hot wallets. Only purchase directly from an official manufacturer — tampered devices exist on the secondary market.
Common Cryptocurrency Threats
A majority of scams in the industry follow one of three classic setups:
Crypto Giveaways
Fake profiles leveraging the image of influential people, claiming to double any crypto deposited. Funds are taken and nothing is returned.
Phishing Emails
After data leaks, affected users receive messages from seemingly official sources asking for login details, or links that install malware targeting crypto wallets.
Ponzi Schemes
Platforms offering extremely high returns for little effort. Before investing, verify: can the team be identified? Is the return mechanism explained? Can you withdraw funds?