HodlX Guest Post Submit Your Post
Security is one of the most crucial components in the financial domain, and the cryptocurrency industry is no different. As hackers are highly incentivized to gain access to funds which an exchange claims they hold, the measures to protect these assets need to be extraordinary. Here are some top tips to help you keep your funds out of the reach of malicious actors.
Top 10 Security Tips
1. Beware of phishing scams
Phishing is a type of intentional deception designed to steal your private information. A malicious actor tries to get passwords, account information, private keys, or other personal information from you by trying to catch you off-guard. Phishing schemes usually come via spam, email, or pop-up windows. Don’t click on anything you weren’t expecting or that looks unauthentic. There are lots of criteria to verify whether a link or email is authentic.
2. Don’t click on any links you don’t recognize
We already mentioned this in the first point, but it definitely deserves a second mention. A well-known and strict rule here is: think before you click. Who is the sender? Was I expecting this email? How is the message written? Does the message contain lots of mistakes or does it have an incoherent structure? If anything, be suspicious.
3. Don’t store any passwords or seed phrases in the cloud
Don’t be naive by thinking you have the most intricate password storing system in place. The most damaging thing you could do to yourself is think you can outsmart a hacker and let your ego tell you you have “everything under control”. Storing any passwords or seed phrases in the cloud is the biggest of no-no’s and simply a question of “when not if.”
4. Buy a cryptocurrency hardware wallet
A hardware wallet is a type of wallet where you can store your private keys on a secure physical device. The cryptocurrencies stored in the wallet are kept offline, meaning that they can’t be hacked. If however, you store your seed phrase in the cloud, this beats the entire purpose of the hardware wallet. So write it down on a piece of paper instead.
5. Avoid public WiFi
If you are going to interact with exchanges, wallets, public addresses, and whatever kind of crypto information, you want to be 100% sure that no one is looking over your digital shoulder. Public WiFi offers hackers the ability to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you could potentially be sending your information to the hacker. Be very aware of this, and avoid public WiFi, no matter what.
6. Ensure device safety – (anti-virus)
Viruses, trojans, botnets, ransomware, malvertising, riskware, hijacks, and other types of malware – you can be exposed to all of these if you maintain bad security management behavior. So why not use a tool to protect yourself? Protect yourself against a malicious actor who has managed to install malware that crawls your device for 12-word seed phrases.
7. Enable two-factor authentication (everywhere)
No-brainer incoming. Having any account which contains private or valuable information without 2FA activated is equivalent to using password1234 as your password.
8. If it seems too good to be true it probably is
“You have won 10K! You are going to receive a 100K transfer! You are a magical winner of some free crypto!”
If it seems too good to be true it probably is. Cybercriminals don’t discriminate when they try to socially engineer you. This includes invites on LinkedIn with requests to open documents and to click on links. Respectfully refuse and request to communicate within the platform itself. Sometimes there will be a request for you to refer someone you know or they will attempt to lure you in with something that flatters you. It will be something you know, deep down, simply cannot be true. So, don’t be naive.
9. Become a password-manager ninja
Who doesn’t have 200+ passwords to manage nowadays? That number will only increase in this digital (quarantined) age. Reusing the same password is a big no. Only using numbers is also a big no (even though you think you are being smart with your 26 digit password). You will get humbled by a brute force attack. Check if your email has been breached on haveibeenpowned.com. Learn how to make strong passwords; there are techniques to do so, using a combination of all kinds of digits, numbers, numerics, and special characters. Research password managers.
10.The ultimate and final security measure
Make sure your exchange has had an audit conducted by a professional accounting and business consulting firm to prove the presence of (your) collateral. Users need to know how their assets are stored in an exchange. They trust an institution with their funds. If on top of a conducted audit, your exchange provides you with extra features and tools within the platform to check the presence of collateral, it reflects that they are taking extra efforts to protect your assets.
Here is a detailed infographic that depicts the cycle of these measures.
Trust is the new crypto-criterion
Central to the relationship between any financial institution and the customer is trust. You trust your institution or middle man to do the right thing, day in and day out. When you walk into your bank, for instance, you trust that your banker will greet you with a smile, and when you are not there, you trust that the bank will keep your personal information and your assets safe.
But what if trust isn’t enough?
Security remains a super-hot topic in the crypto space. Whereas banks ensure that all deposits (in Europe) up to €100.000 are protected through national DGs (deposit guarantee schemes), the crypto space doesn’t have such a system in place yet. This means that the entire responsibility for the management of funds comes down to the responsibility of the user. And as crypto allows for huge profits amidst those losses, this means that wealth and asset preservation is a controversial topic all around.
Patrick is a Community Manager at Gate.io. He is passionate about blockchain technology and how it has fast-tracked innovation not only in fintech but in various other sectors too. At Gate.io, he is responsible for updating the community about ongoing campaigns, novel features, overall development, and making sure everyone is happy. He facilitates the creation of appealing visual and written digital content across various channels, keeping users informed about all of Gate.io’s achievements along the way.
Featured Image: Shutterstock/FOTOGRIN