Wallet Security is arguably the biggest everyday challenge for crypto exchange platforms. While technology id sdsncing criminals are working hard to undermined the gate keepers of various maninnets. And victims are always in mind.
For example, a Singapore-based cryptocurrency exchange KuCoin has experienced a “security incident,” resulting in the loss of over $150 million worth of different cryptocurrencies.
Many incidents of attacks have been linked to, among other things, improper private key management, hacked exchanges, and phishing scams. There are other ways bad actors can go about to attack your savings and get away with your valuables.
It is important to recognized that when it comes to crypto, your security is entirely in your hands. And once the currencies leave your wallet there’s no way to get them back if sent to wrong wallet.
This is another critical incentive to always double check before clicking that key. There is no insurance or any other guarantee for crypto loss. We have identified 9 tips you must follow to remain safe and avoid preventable eventful transaction outcomes.
Make sure URL has locks
First thing to note when using a web wallet is that you should ensure there is an SSL security mark in the address window of your browser. Tbhis would prove that the site is secure and seal and ensures that your browsing is encrypted. So the webpage should start with https with lock symbol and not http.
Wallet or exchange threat to crypto
As a rule, users must understand that the biggest threat to their crypto is not through the blockchain but rather through their wallet or exchange. Criminals can track information and stored at the provider level. This compromised date may include your private key. This can then be accessed by hackers, enabling them to steal your savings.
The competition between the different digital wallets is growing, as the number of people using crypto is also on the rise.
This is why it’s becoming crucial for users to be very selective when it comes to the wallet they use. As a general rule of thumb, you should only use cryptocurrency wallets that are developed by reputable companies with a proven track record.
Don’t Put All Eggs in One Wallet: Also Use Cold Storage
According to CRYPTOPOTATO, not only is this a great practice when it comes to investing, but also when it comes to security. You should never put your entire cryptocurrency stack in a single wallet, even if you’re using hot or cold storage.
The best way to go about it is to use multiple cryptocurrency wallets and distribute your savings in a way that won’t affect you so much if one of them is compromised.
The usage of cold storage devices is strongly recommended. These wallets are not connected to the internet and, as such, are almost impossible to compromise unless you fall victim to a phishing scam, which is also discussed down below. The most popular brands are Trezor and Ledger.
Be Careful With Your Mobile Device and PC
A lot of the cryptocurrency wallets also come with a mobile application, and that’s one of the things that hackers tend to exploit.
When it comes to managing the security of your mobile-based wallets, there are three things of significant importance:
- Never use public Wi-Fi. Hackers can breach the devices connected.
- Turn off your auto-updates for both applications and the device operating system (OS). Make sure you stay up to date, however, in case a security breach is discovered – you better allow some time before updating.
- Always use a 2-Factor Authenticator (2FA) when applicable. This is a timely changing code and the most popular app in this field is Google Authenticator. This second layer of security will require a code for every login to your wallet or account. It ensures that without physical access to your device (or hacking it) it will be impossible to log in.
- Password-protect your device, so in case it’s stolen, your apps, and especially the 2FA app, will be out of reach.
- Never auto-save crypto-related passwords when offered by Google Chrome and any other password saving tools.
- Protect your PC and phone with an up-to-date antivirus tool.
One more thing you can consider if you’re heavily into trading is purchasing another mobile device or PC that you will use only for cryptocurrency purposes. This device should be clean of any applications, as any app with ill-considered permissions can become a target point for hackers and a potential breach.
Service Safety
In continuation of the above, it’s critical to move your cryptocurrency out of a device that needs servicing. This could include things such as software updates, hardware updates, and so forth.
You should also never leave your device unattended and in no cases lend it to anyone. Even if the person you give the device is a trusted party, they might accidentally do something to it that would compromise its security, regardless of whether they intend it or not.
Backup Your Wallets
As a main rule, you should always store your wallet’s private keys offline as in this way, they can’t be accessed by hackers. It’s also paramount to have backups of these private keys, which are also stored offline.
Besides, It’s highly recommended that you store a backup of your keys outside of your home as well – this way, you will have access to them in case of an incident such as a fire, earthquake, or whatever else might jeopardize the integrity of your home.
Although they might be sound surprising, a recommended place to store your private key would be your bank’s safe. This is likely the most secure place, which can be reached out by most people.
Beware of Phishing Scams
Phishing scams are growing in popularity over the past couple of years as more and more people get involved in the cryptocurrency field.
There are many ways someone can compromise the security of your device, including through faux Google, Facebook, YouTube ads, through fake applications wrongly uploaded to the App Store and the Google Play Store, through phishing domains that mimic popular and existing websites, and so forth.
Once you send your private key to a phishing scam website, you can rest assured that your cryptocurrency holdings will be gone within minutes. The worst thing is that these are usually very elaborate, and even people with experience might fall for them as the details are sometimes so hard to spot. They usually look exactly like the original.
That’s why it’s critical to never visit websites you don’t trust or fall out of the scope of your computer’s protection. Double- and triple-check the applications that you download and be 100% sure that they are the official ones and not fake.
We recently reported about an unfortunate user who downloaded a look-alike app of the famous Exodus crypto wallet. This incident ended up with him quickly losing almost $80,000 worth of Ethereum (ETH) and NEO coins.
One of the challenges that cryptocurrency users face is that if they get the address wrong, the funds might be lost indefinitely. No way to recover.
This is why you should always triple-check the address that you send any payment transaction. There are also malicious programs that can edit a simple “copy and paste” procedure, so you end up pasting a different address that belongs to the bad actor.
A common way to guarantee the safety of your transfer is to first send a micropayment and then to send the entire amount.
Avoid Storing a Large Portion of Your Crypto on Exchanges
While a lot of the exchanges that are currently leading the market are considered safe and even have insurance, it’s never a wise idea to leave the bulk of your crypto on exchanges. Remember, not your keys = not your bitcoin!
You should never keep more than what you need to trade with on exchanges because if it gets hacked, your money is as good as gone. We’ve already seen plenty of big-name exchanges, the most recent of which KuCoin, to fall victim to hackers.
Keep Your Holdings Private
There’s a common saying in the cryptocurrency field about the old-fashioned $5 wrench attack. What this means is that someone can threaten your health or your life with a wrench that costs $5 from most stores and get you to give him your private keys.
While you can use technologies such as multi-signature wallets and so forth, the attacker won’t really care, in most cases.
This is why it is absolutely paramount to never brag and flaunt your cryptocurrency holdings to anyone. Nobody needs to know exactly how much bitcoins you own or that you own any at all. Keep it to yourself, and there’s no way you will get targeted for that.