Safety and Security Guide
Spotting and Avoiding Scams
Scammers try to steal your crypto by pretending to be legitimate users or services. While they can be crafty, they often leave telltale signs that can help you identify them before they cause harm.
A scammer's account often shows several warning signs:
- Recently created account
- Missing or generic profile picture
- Slow or inconsistent responses
- Little participation in public discussions
Pay special attention to how they communicate. Scammers typically make unsolicited contact, promising amazing opportunities or trying to create artificial urgency.
Remember the team will never message you first. If someone you don't know messages you about crypto, it's best to ignore the message and report the account.
Link and QR Code Safety
Scammers excel at creating fake websites that look nearly identical to legitimate ones. This applies to QR codes too - only scan them if they come from a source you absolutely trust.
The best practice is to scrutinize everything and verify legitimacy. Only click links from trusted sources, and make sure they're links you expect or recognize. Most modern phones can scan QR codes, but just because you can scan one doesn't mean you should.
Always verify website addresses carefully before connecting your wallet.
Account Security
Password Protection
Think of your password as a key to your digital vault. When you create accounts, use strong passwords and never reuse them across different services. If someone gains access to one password, they shouldn't be able to access your other accounts.
Monitor your account activity regularly. Many platforms show you where you're currently logged in and what devices are accessing your account. If you spot any suspicious sessions:
- Immediately terminate unknown sessions
- Change your password
- Enable additional security measures if available, like a password manager
Multi-Factor Authentication (MFA)
Multi-factor authentication adds crucial extra security to your accounts. It requires both your password and a second form of verification that only you should have access to.
Here are the most common MFA methods, from most to least secure:
- Hardware Security Keys (like YubiKey)
- Authenticator Apps (Google Authenticator, Authy)
- Email verification
- SMS verification
Setting up an authenticator app is straightforward. You'll either scan a QR code or enter a key to connect your account. Most apps that support MFA will provide backup codes - keep these somewhere safe, but never store them digitally where they could be compromised.
Always store backup codes on paper, never in digital form. If your online accounts are compromised, digital backup codes could be stolen too.
Wallet Security
Your crypto wallet deserves special attention when it comes to security. Having your wallet compromised can mean watching your investments disappear in real time. While sometimes you can re-secure a compromised wallet by revoking contract access, prevention is always better than cure.
Essential Wallet Protection
The most critical aspect of wallet security is protecting your seed phrase - the 12-24 words that control your wallet. Never share this phrase with anyone. If someone asks for it, they're trying to scam you. Store your seed phrase offline, preferably written on paper and kept in a secure location.
A few key practices will help keep your wallet safe:
- Disconnect your wallet from services after using them
- Review all transaction details carefully before confirming
- Keep your most valuable assets in a separate wallet from the one you use for regular transactions
- Consider using a hardware wallet for extra security
- Periodically review and remove your wallets permissions, using a service such as Revoke Cash
If Your Wallet Gets Compromised
If you suspect your wallet has been compromised, act quickly:
- Immediately create a new wallet
- Transfer all funds to the new wallet
- Document everything with screenshots, tranasction hashes, etc
- Check your devices for any malware
- Review your online accounts, passwords and recent activity
Remember that even if you secure a compromised wallet, the attacker knows you were vulnerable. It's often safer to start fresh with a new wallet.
Hardware Wallets
A hardware wallet, sometimes called a cold wallet, provides an extra layer of security by storing your private keys offline. While not completely foolproof, they offer significant protection against malware and online attacks. Popular options like Trezor and Ledger have become increasingly user-friendly while maintaining strong security.
Hardware wallets protect against risks that are hard to control otherwise, such as exchange breaches or malware attacks. They require physical confirmation for transactions, making unauthorized access much more difficult.
Even with a hardware wallet, never store your recovery seed digitally. Use paper or specialized metal storage devices designed for seed phrases.
Additional Protection
While focusing on crypto-specific security is important, don't forget about basic online safety. A VPN (Virtual Private Network) can add valuable protection by encrypting your connection and hiding your location from potential attackers.
Consider using these additional security tools:
- Antivirus software
- Ad blockers
- Script blockers
- Password manager
- Regular software updates
Remember that security works best in layers - no single tool or practice can protect you from every threat. Combine multiple security measures and stay vigilant about new types of scams and attacks.