How To Keep Your Cryptocurrency Safe – Contrast Crypto
Boasting large balances online might make you feel cool, and it might even make you more popular among your peers — but it will also make you a target.
Flashing your net worth online is risky. If you’re flashing cash online and posting photos of your holidays, people may try to figure out your location.
This is a classic case of leaving all of your eggs in one basket. Don’t do it.
Cryptocurrency exchanges are targets for hackers because of the sheer volume of cryptocurrency that passes through an exchange, as well as the amount of funds held in storage. It’s just like holding up a bank in the wild west.
‘Besides, only using one cryptocurrency exchange limits your investment opportunities to whatever is listed on that exchange. If you do want to use only the one exchange, that’s fine — just try not to store your funds on the exchange. Use a hardware wallet, or at least a desktop wallet for storage between trades…which leads us into the next mistake.
Remember how we said you could store your funds in a desktop wallet? Well, you can — but if it’s possible, you should use a hardware wallet.
The connection between hot wallets like Jaxx and the internet is what makes them vulnerable. Also the fact they are running on your computer or smart phone makes them vulnerable to malicious exploits.
I’m not saying don’t use hot wallets — they can be really convenient — just don’t use them as your main storage option.
You are the only person responsible for the management of your digital assets, unless of course you choose to share that burden with others — either way you’re accountable for any outcomes that eventuate.
You have to manage your funds in a way that protects your butt in the event you lose your wallet, your computer is stolen, or even your house burning down. These things don’t happen to everyone, but unfortunately they will happen to someone. That someone though, they can use safeguards to protect their cryptocurrency wallets if loss, theft or damage becomes a reality.
BACK UP YOUR PRIVATE KEY
It could be as simple as storing a hand written private key in a safety deposit box.
But we hate the banks? Sure. Unless you’re living at the bank, it probably won’t catch on fire if your house does.
Or you could get a fireproof private key backup device like a BillFodl, CryptoSteel or CryptoTag. Keep that at home somewhere safe, or split your private key between multiple parties — it’s up to you. Either way, you should put some thought into what you’re plan is if something goes wrong.
This most certainly does not mean use SMS-based 2FA. SIM swapping is real and it happens, so don’t get caught out by it.
Consider Google Authenticator, Fido U2F, or a physical authentication key like the YubiKey — some hardware wallets like the Ledger and Trezor products provide a similar function.
Sure, it’ll take a little bit of extra time to log into an exchange, but it’ll do wonders for preventing unauthorized access to your account by introducing a second layer to the login process.
Yes, we know, two-factor authentication is annoying. And if I’m being perfectly honest, I don’t use it myself on services like Facebook and Outlook. For me, it’s more hassle than its worth.
Typosquatting is when attackers create a website that is spelled similar to the domain name of a popular website.
These websites may present themselves in a phishing email hoping you will like the malicious link, like poIoniex.com instead of poloniex.com — at first glance you might not notice a capital ‘i’ replaces the lowercase ‘l’.
Alternatively, they could present in a form that attempts to capitalize on misspellings, like bimance.com instead of binance.com — hoping the user will hit enter before realising they’ve typed the wrong address.
Users are then presented with a website that looks identical to the official one, in the hope they deposit funds into an attackers wallet.
For users, the easiest solution is not save your wallet and exchange URLs to your bookmarks, and only access them from there.
Double check the address, triple check the address. You don’t want to become a victim of a man in the middle attack.
Make sure you are sending your funds exactly where you want them to go. If you accidentally send it to the wrong wallet, and you don’t have control of that wallet, you (unfortunately) can’t rely on the generosity of a stranger to return the funds to you.
If people on the internet are asking you to send money to them, don’t do it. Even if they’re offering to send 10x the amount in return.
If it sounds too good to be true, it probably is not true. Play it safe and avoid it.
Don’t enter your private key anywhere online either, that’s just plain silly. It’s literally giving someone else access to your wallet, and you do not want to do that.
This is a big one.
Free public Wi-Fi networks, whether it’s school, an airport, or McDonald’s…they often like to use that as a means of getting themselves some of your sweet, sweet data.
They’re also not the most secure networks and you don’t know how the data is being store, so best to play it safe and not play with your crypto while on a free public network.
Have you ever looked at the permissions for some of the browser extensions out there? Or even app permissions?
Why does this app to correct my spelling need access to my microphone or camera?
You can use browser extensions, we’re not saying not to, but it might be wise to consider using a different browser, or device, to perform your cryptocurrency transactions.
Don’t use words from the dictionary — that’s probably the easiest way to start.
Don’t repeat passwords. If one service gets compromised and an attacker gets your login credentials, you don’t want them to get access to your other accounts.
DON’T FORGET (PROPER, NON SMS-BASED) 2FA!
Published at Thu, 24 Oct 2019 01:01:45 +0000
{flickr|100|campaign}
