The Beginner’s Guide to Staying Safe in the World of Crypto
As more and more people learn about the crypto world and the number of scams increase, staying safe when buying, trading and holding cryptocurrencies has never been more important.
That is why we decided to set up this beginner’s guide to staying safe in the world of crypto. Whether you’re a gamer, a crypto veteran, a crypto newbie, or simply a member of the Hash Rush community, read along and take these tips to heart.
Keeping your private key secret
In order to understand the importance of keeping your private key secret, you need to know what your public key, your private key, and your address is. As this is complicated, we’ll provide a simplified explanation. In non-crypto terms, think of your Bitcoin (or other cryptocurrency) wallet as your PayPal account. The credentials that you use to log into your account would be your public key (e.g. your log-in name), your private key would be equivalent to you password, and finally the email address that you give out to people when you want them to send money into your account is called your Bitcoin address.
What is important to note here is that, in contrast with the PayPal example, you don’t need your password and your account name to access an account. All a scammer needs to access the funds that belong to a particular ‘account’, is the private key.
Taking this in, it becomes clear why the first and most important cryptocurrency rule is: never share your private key.
As a side note, do not even show the key over Skype or when on camera, even if it is for a short while. In a famous example in 2013, a QR code containing a private key was shown on television, after which the funds (then worth around $20) were stolen by someone who was watching the programme live.
Storing your cryptocurrency safely
Considering the importance of keeping your private key safe and secure, you might be surprised to hear that there are cases where you can use a wallet without having control over your private keys. In particular, this happens when you use a wallet provided to you by a cryptocurrency exchange.
Even so, there are many reasons for people to use exchange wallets. They are easy to use, you get one when you register an account, and it allows you to buy and sell your cryptocurrencies with ease. However, by using an exchange wallet as your primary storage, you are trusting the exchange to keep your private key safe, and so you are putting convenience over safety.
This risk is twofold. First, you’re not in control of your private keys, and second, your cryptocurrency is stored in a so-called ‘hot’ wallet.
Having discussed the first risk already, let’s turn to using hot wallets. There are two types of wallets: hot and cold wallets. A hot wallet is one that is always online and ready to use at all times. In contrast, a cold wallet is a wallet that is offline, and only connects to the internet when you need to use it.
As wallets provided by exchanges are ‘hot’, if the exchange were to be hacked, there’s a high chance that you would lose all funds stored in that wallet. You may not expect this to happen, but in the short history of cryptocurrencies several high profile exchanges have been hacked and in some cases forced to shut down (such as Mt.Gox, Bitfinex, and Youbit).
The good news is that protecting yourself against this type of threat is very easy. Simply only store small amounts of cryptocurrency in an exchange wallet — equivalent to the amount that you want to use. Keep the rest of your funds in a cold wallet, that way should anything happen to the exchange, the majority of your funds will not be in danger.
Cold storage and different wallet types
So what is the best way to store your cryptocurrency? Using cold storage (offline wallets). This type of storage is entirely offline, requires your input to connect to the internet, and ownership of the wallet is entirely in your hands. Additionally, there are multiple forms of cold storage; we’ll discuss the two most common ones.
Method 1: Paper Wallet
The most basic form of cold storage is a paper wallet. This form of wallet is printed out and stores your private and public keys on paper. By using a paper wallet, all your wallet data is stored on that piece of paper. Barring human error, hackers are unable to access its contents. Obviously, the major downside is that all your wallet information is on one printed piece of paper. So if you were to lose it, or if the ink were to fade away, there would be no way of getting your coins back. If you want to create a paper wallet, you should keep it in a safe location and perhaps even make a copy (although, the more copies you have, the greater risk to your funds).
Method 2: Hardware Wallet
A second and very popular form of cold storage is a hardware wallet. If you are planning on buying a large amount of cryptocurrencies, you should get yourself a hardware wallet; to date, there have been no verified incidents of cryptocurrency being stolen from a hardware wallet. Hardware wallets are small devices that connect to your computer through USB whenever you need to use them.
In comparison to a paper wallet, a hardware wallet allows for more flexibility and security. First, by connecting it to your computer, you can easily send or receive cryptocurrencies without having to type out your wallet details. Second, if something were to happen to your hardware wallet (stolen, lost, etc.), you can recover your funds via a special code that you receive when you first set up your wallet. Some popular hardware wallets are the Ledger Nano S, Trezor, and KeepKey.
How to keep yourself safe from phishing
Even if our tips are taken into account, the most secure storage is at risk if its owner is not cautious. According to Chainalysis, in 2017 over $115 million in Ethereum was stolen as a result of phishing.
Phishing is the attempt by fraudsters to obtain your private and sensitive details by disguising themselves as a trustworthy entity. In the world of cryptocurrencies, the most common phishing attempts will come via chat platforms. Slack in particular is notorious for this. See the image below for an example of a phishing attempt.
While such a message may look convincing at first glance, if you hover over the MyEtherWallet URL, you will notice that the actual URL points to a very different site. Should you follow such a link and log into your wallet, scammers would steal all of your cryptocurrency in a matter of seconds.
The best way to stay safe in this regard is to check and double-check the URLs that you use to access cryptocurrency exchanges, ICO websites, online wallets (like MyEtherWallet) and any other cryptocurrency-related website. Ignore all links that are shared to you in private, navigate to the website you need to use yourself, verify the URL (be especially careful for special characters) and bookmark the real website. That way, you can be totally sure that you are using the correct link.
There’s a lot more to say about different types of wallets (such as a brainwallet!), using tools such as Meta Mask to stay safe when trading cryptocurrencies, and much more — but we’ll leave that for another time. If you take only one thing from this article, let it be the number 1 rule: “always keep your private keys private”.