We hear horror stories once every few Months and we pray it never happens to us...but there are steps you can follow to protect yourself from being a victim
1- Buy a hardware COLD wallet
Think about your wallet like a physical bank, would you keep your hard earned cash in a sketchy bank that offers no insurance or regulation ?. Well it's almost the same when it comes to cryptocurrencies, you have unregulated exchanges that offer you to store your coins, wallets in Apps for your phone that you have no control over and other types (more secure) like paper wallet but really not convenient. Don't be cheap when it comes to security and specially for your unchargebackable Bitcoins or other Crypto currencies. You have Ledger and Trezor which are currently the most popular ones and you have full control over your coins, they are not actually storing your coins.
2- When you trade, secure your online account
Obviously your bitcoins, most of the time, cannot stay in the cold. You need to take them out, trade them, sell them or even buy more. When you create an exchange account to do so, first thing you do is go on your security settings and add a 2FA (2 Factor Authentication) with SMS or Google Authenticator. This gives you a temporary peace of mind in case a hacker has all of your online password. It creates a layer of security that needs an extra step to login or to withdraw.
3- Basic, underrated and simple secure way of avoiding transaction losses.
The most obvious and completely basic way of avoiding mistakes knowing that you cannot return any transaction sent with cryptocurrencies, is to send a small amount like a little test before you complete with the rest of the original amount you wanted to send. For instance, if you need to send to Brian 1,000$ worth of Bitcoin, send him first a small amount like 20$. You have no idea how many mistakes are made by even experienced traders when it comes to that basic operation. It will cost you a bit more because of miner fees, but it will you make you save money on the long run by avoiding big losses.
4- Phishing websites
Oh, yes phishing is still a thing and over 100,000,000$...yes your read it, 100 MILLION DOLLARS was stolen using phishing methods. Here is an example just from yesterday (08/10/2020) :
This is what comes up when you write simply : Ledger on Google. Right above the official Ledger website you have "Ledger Top"...and the first thing they ask when you click on the link is to insert your Ledger wallet and write down your recovery. Here is a look :
You see, no website, ever will ask you to input your recovery seed on your computer, not Trezor or Ledger. Don't ever type your recovery seed on your computer. EVER !
5- Recovery seed
The way you store your recovery seed tells you a lot about yourself. Do you just write down once the words and store them somewhere safe...or do you make 2 copies, and store them in two different places ? Do you cut in half the 24 words, 12 in a place and the other 12 in a completely different location ? Well in the questions you have your answers … and there are layers of security you can add to stay completely safe. Knowing that if someone finds your seed, they have access to all the funds, go the extra mile and exaggerate your layers of security to stay completely safe. Most importantly, DO NOT write your seed in a online platform like password managers, notepads, emails, google drive and obviously do not take pictures of it. Whatever is online is completely hackable. Write it, like old times, with a pen and paper, that's it !
6- Passphrase
Passphrase is probably the best layer of security. if you don't know what it is it's an extra word to your recovery seed but that you wouldn't write down. A word that you don’t have to write in order to remember, it's something that you cannot forget. The way it works is that if someone finds your recovery seed and tries to recover all of your funds in another wallet, they would also need that word. Since you didn’t write it down, the hacker/robber will never be able to access the funds. The main purpose was to protect your funds from the physical recovery seed if it was to be stolen. Also, it helps in case of an actual hold-up robbery, let me explain : A robber comes to you with a gun and asks you to open your wallet with your PIN code .. and telling him that you don't remember the PIN code you will have a lot of problems. But if you do have an extra word (passphrase), you would have on the same wallet two different accounts, one as a “cover” with a few hundred dollars and the other account under a different PIN code (and the extra word) were you have all of your funds and there is no way that the robber knows if you have another PIN code and passphrase. When you have a Ledger wallet or Trezor, you can add that passphrase easily.
7- Double check before sending
Whenever you want to send bitcoins or other cryptocurrencies, almost every wallet will ask you to confirm the receiving address before you send. Most of us don't even double-check because we just copy pasted it but here's the catch : If a hacker has access to your computer, he can easily modify the receiving address wherever you got it from, for example: By email, telegram or written on a notepad in your PC. The best way to protect yourself against these kind of attacks is to always verify and copy the receiving address a few seconds before you send the funds, and when you do, on your hardware wallet, double check to see if it matches with what you copied.
If there is one downside to owning cryptocurrencies is the fact that you are 100% responsible of your funds, and one mistake can cost you it all but if you follow these steps, there is virtually no way of getting your coins stolen. If you don't have a wallet, you can purchase Ledger in our Shop , we are an official reseller.