How To Keep Your Bitcoin Safe From Hacks, Scams and Phishing
From time to time, we hear stories of people losing their Bitcoin to hacks, scams, and phishing. This is always difficult to hear, because it’s usually the result of preventable security lapses.
Protecting your Bitcoin is simple if you know how. You just need to follow best practices — the same ones you probably already follow with your online banking.
Today we’re going to explain how to protect your cryptocurrency from the most common mishaps.
But first, it’s important to clear up some confusion. When we talk about hacks, we don’t mean that Bitcoin itself has been hacked — that’s never happened and probably never will. And although cryptocurrency exchanges have been hacked, it’s usually the case that an individual user’s account was compromised (not the whole exchange.) Many so-called hacks are actually phishing attacks and many scams are in fact unrelated to Bitcoin.
With that said, let’s look at how you can protect your cryptocurrency from hacks, scams and phishing.
Step one: Choose a legitimate cryptocurrency company
The first step to protecting your Bitcoin is ensuring you choose a reputable company to buy, store, and sell it.
Yes, there are rogue actors in this market, but it’s not impossible to sort the good from the bad.
Before you hand over your money or details, remember to:
- Look for a company that has been around a while and has a track record of good security
- Verify the identities of the owners and employees (e.g. search the company name on Linkedin)
- Check for involvement with the relevant authorities and regulators
- Consider the company’s procedures for verifying customers and preventing financial crime — you should be able to find information on their website
- Research venture capital firms invested in the company and the resources they may provide.
If in doubt, don’t take any risks.
Of course, we know this sounds dubious coming from a cryptocurrency company, which is why we’d always urge you to do your own research and not take our word for it.
Step two: Protect yourself from hackers
However, there are steps you can take to ensure good security.
If you don’t do your part to protect your account, no amount of back-end security will prevent hackers stealing your Bitcoin.
But it’s simple and involves much the same rules as you use to protect your online banking:
- Basic password security: don’t repeat, never share, don’t write down, don’t use common ones, choose a strong password
- Turn on two-factor authentication: this means no one can access your account unless they have access to your phone
- Protect your email account: use a strong, unique password and turn on two-factor authentication for your email too
- Lock your account: if you suspect your account has been compromised, Luno lets you immediately lock it.
Step three: Learn to spot scams and phishing
Phishing attacks occur when criminals create a website or email that looks exactly like it belongs to a legitimate, trusted company. They then deceive you into giving them important details, including your log-in or payment information.
You might receive an email from your wallet provider, asking you to check some recent activity. When you click the link in the email, it might ask you to log-in or re-enter your payment details.
And then, with little effort, the criminals can access your real account and steal your Bitcoin.
Recently, we’ve had reports of fake websites, messages, online ads and emails that claim to be from Luno. They look genuine at first glance and ask customers to log-in. If a customer falls for this, the criminals behind the phishing attack may be able to steal the contents of their account.
To avoid becoming victim to a phishing attack, you should:
- Always check the URL of a website before logging in or clicking an ad
- Enter the URL directly rather than googling the company name
- Never provide your password or payment details by email or message
- Pay attention to your intuition — if something feels wrong, double check it
- Don’t provide any details without a reason and be careful with sensitive information (e.g. your PIN)
- Check the address before replying to any emails claiming to be from a company
- If you’re unsure about a website, try logging in with a fake password
How Luno protects your cryptocurrency
Most of the steps towards keeping your Bitcoin safe are behind the scenes, which is why it’s so important to choose a trustworthy cryptocurrency company. At Luno, we are transparent about our security practices and to always follow the highest standards.
Some of the important ways we protect your Bitcoin include:
- Deep freeze storage: we store private keys in multi-signature wallets, spread across different bank vaults
- Hot wallet: to let you withdraw Bitcoin instantly, we maintain a multi-signature wallet with the key split between Luno and BitGo
- Passwords: we store passwords in a hashed form and encourage customers to use strong passwords
- Two-factor authentication (2FA): we support 2FA so you can keep your account extra safe
- Encryption: all web services happen over SSL-secured channels and wallets are stored with PGP encryption
Luno has never been hacked and now looks after over 2 million people’s cryptocurrency. We’ll delve deeper into our security practices later this month if you’re curious to learn more.
