Crypto security tips you must know!
How do you avoid unnecessary losses, scams and shady services in crypto e-space and what can you do to protect your coins?
Following up on my previous article about biggest crypto scams of the last year, I have decided to write about what you can do, to make sure your funds, investments and trading accounts are as safe as possible. I am even going to tackle the notorious topic of “Not your keys, not your crypto” and more.
As with almost everything, even here we can find certain trade-offs which you will have to think through and then decide what is best suited for you. Higher security usually means lessened flexibility or higher fees, lower fees and quicker transactions can mean lower security of the blockchain and similarly.
Nevertheless, here are several things to keep in mind when it comes to crypto security:
Passwords and 2FA
Whether it comes to your exchange account password or a password for your online or mobile wallet, you should always make sure it’s a strong combination of lower- and upper-case letters, numbers and ideally even special symbols to ensure its maximum strength. It is also generally recommended to NOT use the same password for every account/wallet/etc. because in case of security breach on one end, all of your accounts/wallets/etc. are in danger and your funds can be easily stolen.
Nowadays an essential security measure, 2-factor-authentication, should be definitely enabled on all your accounts that store real money. The easiest way to use 2FA is via Google Authenticator app or an SMS. This adds another layer to security of your accounts and protection of your funds.
Lastly, how to store your passwords and security keys is an important question as well. You can’t possibly remember them all, especially if you are to follow my previous advice about using different passwords for different accounts. First thing that comes to mind is the use of some kind of password manager, which are becoming more popular every day. My issue with this solution is that it is usually an online service or at least an application which means it can be hacked and then all your passwords are compromised. Solution I would suggest is maybe a little old-fashioned, but perhaps that’s exactly what we need in this digital age — write your passwords and keys in a journal or on a piece of paper. In my opinion, in times that are so online- and virtual-focused, keeping only a physical copy of your passwords is the safest option there is. You just have to make sure not to lose or destroy it by accident.
You can also take it to the next level and write your security key (e.g., for your most valuable wallet) on TWO pieces of paper (one half on one paper, second on another one) and store them separately, on different places, to ensure even more security.
Exchange accounts vs. wallets
This is the chapter where the phrase “Not your keys, not your crypto” comes to play a role. And that is because it is fundamentally true. Yet, the situation is complicated.
As mentioned before, you can find certain trade-offs in almost every set of choices. One gives you X but limits Y, and similarly. This topic is no different.
Using a trading account on an exchange offers you great opportunities when it comes to convenience — all the different trading pairs, leverage trading, usually some DeFi services, launchpads and more. But, keeping your funds stored on an exchange account can be a security risk, because firstly, you don’t own them directly, you own them through a third party (the exchange), meaning you aren’t in full control. Secondly, this means that if the exchange was hacked, your funds would be at great risk. Which unfortunately sometimes can happen.
On the other hand, using a crypto wallet is a safer option when it comes to security and protection, however, it has very limited functionality and definitely isn’t as flexible as an exchange. Wallets in general are a great place to store the cryptocurrencies you know you want to hold for a longer period of time.
But it is important to mention that with a wallet, you have the option to connect to different DEXes (decentralized exchanges), such as PancakeSwap or Uniswap, and do the trading, farming and all other operations through their interface. After you are done, you simply disconnect the wallet.
The same goes for using a cold wallet, which is arguably the safest option of them all (unless you forget your keys and lose all your cryptocurrency forever).
So, as you can see, every option has its pros and cons. Ultimately, it is up to you to decide what is best for you. In most cases, you will probably end up using the combination of wallet(s) and exchange account(s), so you could benefit from the vast options an exchange offers while still keeping the majority of your crypto safe in a wallet.
Scams and phishing
Last but not least, the importance of recognizing a scam is not stressed enough. In my last article, you can read that scammers alone stole $14 billion in the last year!
So, what can you do to not fall victim to one of them? I feel like a lot of times the loss could have been prevented, only if people would have done more research on the cryptocurrency/project they were buying into. Do your own research! Google it, read other people’s feedback, check the official website. If it sounds too good to be true, it is not true. If the project promises you huge profits for minimal involvement, it is probably a scam.
A lot of people who fall prey to scammers are blinded by the promise of quick profits. Stay rational and remember, patience is a virtue.
If you are unsure if an investment is a good idea or not, let me direct you to our previous articles about Fundamental analysis and How to choose a good cryptocurrency:
Now, when it comes to phishing — a hackers/scammers stealing your log in information, usually through fake “official” website — there are several things to keep in mind. Phishing is often done through fake emails (or other types of messages, e.g. Telegram DM) containing an alarming message or warning. Something along the lines of: “Update your account information in 48 hours or your account will be suspended and funds lost!” or “Your account has been hacked, log in here to change your security information and prevent any losses!”
Don’t be too quick to react, don’t be impulsive. Check the email address and compare it to the official one (of the exchange/service…). The official support almost never contacts you first, exactly for this reason, so the email address (or an account nickname in the case of other communication channels) will probably be off. If you still aren’t sure, check the URL address of link in the email/message and again, compare it to the official one. It will probably be off.
Also, anytime you are logging into an account through a page opened via a link somewhere, rather than typing it in yourself, always check the URL address.
These are few very simple to follow steps to uncover most potential phishing attempts and scams. Keep safe and be cautious, unfortunately there are still many scammers in the crypto community.
