With over $14 billion in cryptocurrency lost to theft and hacks in 2021, as well as media hype around security concerns, the world of crypto investing can seem like a scary place - but it doesn’t have to be. There are things you can do to make it safer.
Although cryptocurrencies aren’t protected by the same FCSC or FDIC guarantees as assets held in a bank, there are several ways to eliminate the risk of losing your crypto assets.
Below, we explore seven simple but effective steps you can take to stay safe when investing in crypto.
1. Protecting private keys
When you create a new hot wallet, the provider or exchange issues you a 256-bit alphanumeric electronic private key for you to use to access your wallet.
However, if someone manages to steal your private key they can also use it to access your wallet and steal your crypto. For this reason, it's important to guard your private key by storing it securely and never sharing it with anyone.
To keep your private key safe from hackers, avoid storing it in any of the following locations:
- Note-taking apps
- Cloud storage solutions like Google Drive or Dropbox
- Computer files
2. Storing keys on crypto exchanges
Storing crypto in a hot wallet controlled by a crypto exchange is convenient. But it can also increase the risk of theft, as you’re handing over control of your private keys to a third party whose security measures you have no control over.
Whenever you’re looking for a crypto exchange to store your funds with, check that they have rigorous security measures in place to make sure that you don’t lose access. For example, some exchanges use Coincover’s disaster recovery product to protect your funds from loss of access - look out for the Coincover logo on exchanges for maximum protection.
3. Learn how to spot phishing emails
Cyber criminals often use phishing emails to try and trick crypto investors into visiting fake websites. Fraudsters create sites that mimic well-known crypto exchanges to trick users into entering their login details, which the hackers then steal to break into their online accounts.
While many of these phishing emails are highly elaborate and difficult to spot, you can protect yourself by never clicking on any links or attachments from unknown senders. You should also report any emails that try to use high-pressure tactics to get you to hand over or update financial information.
4. Use Personal Crypto Protection for hot wallets
If you have a hot wallet that's connected to the internet, it might be worth considering Coincover's Personal Crypto Protection, a technology that monitors for fraudulent activity. Personal Crypto Protection uses the only technology in the world that protects over 200 types of crypto assets and helps to safeguard crypto investors against financial loss due to hacks or theft.
5. Be careful when surfing the web using public Wi-Fi
Fraudsters often target consumers with scams when they're surfing the web so they can steal their personal information. If you regularly browse or shop online, it's important to know how to protect your data.
One of the easiest ways to protect yourself is to only shop on sites that begin with HTTPS and display the secure lock symbol. Sites with an HTTPS certificate encrypt all your data with TLS encryption so it can't be read by cyber criminals, making it much more difficult to steal.
You can also use a Virtual Private Network (VPN) to encrypt your traffic when you’re browsing the web to make sure that no one can eavesdrop on your activity.
6. Use authentication apps
In recent months, security measures like SMS-based multi-factor authentication (MFA) have become less effective as cyber criminals have started using SIM-swapping attacks that sidestep it.
During these attacks, a fraudster phones up a victim's mobile provider impersonating them and claiming they've lost their mobile phone to trick the representative into assigning the number to a new SIM card.
Once the number is reassigned to a new SIM, the attacker then uses it to apply for an MFA passcode to the user's online crypto account so they can steal their funds.
You can protect yourself from these kinds of attacks by using an authentication app like Google Authenticator with an authentication mechanism linked to a specific device rather than a phone number.
7. Be wary of crypto investment scams
If you receive an email about a crypto investment opportunity or initial coin offering (ICO) that makes bold claims that you're going to "double your investment", then it's likely a scam.
Fraudsters often create crypto investment scams to try and trick consumers into investing in bogus coins. So it's important to carefully research any opportunities like this before you decide to invest.
We asked one of our trusted partners, Anthony Less, Global Head of Product at Wirex for his tips on avoiding Crypto scams. "Scams are becoming increasingly sophisticated, mimicking the branding and tone of voice of legitimate organisations. Most financial companies are aware of this and offer clear guidelines detailing how they communicate with customers. If something looks suspicious, it's always best to check through an official channel. And as always, remember that if it sounds too good to be true, it probably is."