Staying Safe in Crypto: Tips and Practices to Protect Your Stack

Key points to remember

  • With the growing popularity and adoption of cryptocurrency and NFTs, hackers are finding new and improved ways to steal your valuable assets.
  • Taking your cryptographic security seriously is crucial to not getting hacked. All crypto users should adopt strong security habits to protect their tokens.
  • Phemex, one of the leading exchanges in the industry, applies a high level of security to protect user assets.

Share this article

Far too often we hear stories of people losing their crypto to hacks, phishing attempts, or simply losing access to their wallet. This article will outline a set of strong security habits to help users protect their tokens for life.

Not your keys, not your crypto

Self-custody is crucial because it means that the only person who can access your account and the assets in it is no one else but you.

Every time you create a portfolioyou generate a private key, as well as a corresponding public key.

Public keys work like the holder’s address, visible to anyone to receive tokens (just like anyone can share their email address to receive messages). At the same time, the private key is needed to access the funds held in the public address and determine the actual ownership of the assets. Think of the private key as the password to access your email account.

Since private keys usually consist of a long string of characters, seed phrases are used as a friendly substitute for cryptocurrency wallets. Your seed phrase is your private key in a different format and consists of 12-24 random words generated by your wallet when you set it up. Seed phrases are also called mnemonic or recovery phrases.

A wallet owner should never share their seed phrase with anyone else. In case they lose it, most of the time their cryptocurrency is lost forever. Any third party with access to a wallet’s seed phrase would take control of the assets.

Get out of the comfort zone

The main threats to crypto users usually come from their wallets or exchanges. Below is a set of recommended tips and best practices to keep your valuable tokens safe.

Backing up your private keys: always write down the seed phrase and store it somewhere safe from where (only) you can retrieve it. Do not save your keys in the cloud or email them to yourself, as the servers can be easily hacked.

Use a hardware wallet (cold storage): Cold wallets are isolated devices that store your private keys and are never connected to the internet. Cold wallets are ideal for long-term storage and nearly impossible to hack.

Network Security: Don’t be that guy who gets his crypto stolen at Chipotle. Use a VPN when using a public internet connection. Check your home router frequently, because you never know if your neighbors are trying to sneak through your connection.

Secure your email: If an attacker compromises your email account, they can quickly recover or change passwords to access your Exchange account. A simple trick is to delete all backup emails and phone numbers used for verification. Instead, enable two-factor authentication (2FA). You can also use a physical hardware device, also known as a security key, so hackers need to steal the device to compromise an account.

Consider using encrypted email such as Protonmail. Beware of phishing emails and other messages of suspicious origin, especially those containing links or attachments.

Use unique passwords: this applies to every exchange you use. A simple solution is to use a password manager such as 1Password or LastPass and change your master password often. Additionally, you can use a random password generator to create strong passwords that include combinations of numbers, upper and lower case letters, and special characters.

Browse the web safely: Beware of malicious browser extensions and do not store passwords in your browser. Bookmark crypto sites you use often to avoid fake websites that look like the real thing, and use privacy-focused browsers like Brave.

Beware of SIM card swaps: a SIM swap is a malicious action by which the hacker intends to switch the cellular service of his victim to a SIM card in his possession. The hacker uses social engineering skills to trick the cellular service company and pretend to be the victim. The hacker then accesses all services or accounts with SMS or email recovery. To prevent SIM swapping, set up a 6-8 digit PIN through your service provider that must be entered to do anything with your account.

Exchange Specific Security: Use time-locked chests with a time limit to process a withdrawal. It is recommended to “secure” addresses to ensure that only wallets you control can receive your funds. This way, if your account is compromised, it will buy you valuable time to regain control of the account.

Minimizing the risk of hacking will give you peace of mind. You might not care as much now, but big gains can easily vanish if storage security isn’t taken seriously. Self-custody is what crypto was designed for.

If you are planning to stack your favorite tokens for the next bull run, consider trying Phemex, one of the leading exchanges in the industry. Phemex has never been hacked. Phemex has implemented a set of robust security practices to guarantee the protection of the digital assets of their users.

Share this article

Leave a Reply

Your email address will not be published.