How to avoid security risks, protect your private key and seed phrases, and more in this crypto safety guide.
Here's what we cover:
- The main security risks of crypto
- How to keep your crypto safe
- How to protect your private key and seed phrase
- How to secure your wallets and internet connection
- How to DYOR
- How to protect crypto from sending it to a wrong address
- Bonus: who and when should keep money on exchanges
Cryptocurrency has not been particularly Safu in 2022. In fact, October has been especially spooky, with a whopping $718 million stolen across 11 different hacks:
2022 is on track to set a record. Unfortunately, not the one you'd like to see:
With crypto hacks becoming ever more present, CoinMarketCap Academy prepared a guide on how to protect your crypto from hacks in 2022 and 2023. We wouldn't want you to get caught out in only a few months, right?
What Are the Main Security Risks of Crypto?
Of course, we all know that crypto is volatile (sometimes a bit too volatile on the downside).
But what are the main security risks? In other words, how could your crypto get stolen or hacked?
Keeping your Crypto on Centralized Exchanges
Losing Your Private Keys or Seed Phrase
Fake Apps or Spoofing
Fake crypto apps or websites that pretend to be legitimate, real crypto applications are a type of phishing attack that can get access to your private keys and drain your wallet of funds. It’s always important to double check the URL you are accessing and make sure that it matches that of the real website.
Sending Crypto to the Wrong Address
A transaction sent in a rush, a wrongly-copied address and your crypto ends up on a network it was never supposed to go to. It's an annoying and entirely avoidable way of losing crypto, so we will cover how to not send it to the wrong address (and if you can recover it).
How to Keep Your Crypto Safe
In this section, we cover several important aspects of how to keep your crypto safe.
How to Protect Your Private Key and Seed Phrase
There are three mains aspects to safe seed phrase storage:
- Never sharing it with anyone;
- Never storing it in the cloud (or anywhere on the computer);
- Backing it up and storing it offline.
First, you should not share your seed phrase with anyone. You may make an exception with trusted parties like family members or close friends, as long as you can be sure you want these people to know your seed phrase just in case. But do not, under any circumstances, share it with strangers online or offline.
Second, when you store your seed phrase, do so preferably offline. There are ways to engrave seed phrases if you do not want to use an old-fashioned pen and paper. You can also use a computer to store your seed phrase; however, it should be a separate computer from the one you use for transactions, and it should not be used for accessing the internet.
How to Store Your Crypto Safely
Next, you want to make sure that your crypto is safe wherever you keep it.
- Use a hardware wallet for long-term investments;
- Use a software wallet for smaller investments and interactions with protocols;
- Use a centralized exchange if you trade, swap or buy crypto.
Finally, be careful with the transactions you sign. Remember that a fake transaction can drain your wallet, so only sign the transactions you are certain to be legitimate.
How to Secure Your Devices and Internet Connection
Why (and How) to DYOR
- Always double-check everything
- Careful with DMs on all social platforms
First, you should always double and triple-check the addresses and networks you send crypto to. Also double-check the links you click on, particularly when it comes to decentralized applications. You may also want to do test transfers with small amounts first, in case you are unsure you are interacting with a legit protocol.
How to Prevent Crypto From Being Sent to the Wrong Address
It can happen to the best of us: you need to send some cryptocurrency, but you copy-paste the wrong address or click on the wrong network. Or even worse: you happen to be a victim of a phishing attack and your funds get siphoned off.
Here is how to prevent sending crypto to the wrong address:
- Copy and paste the recipient address or use a QR code. ALWAYS. And always double-check. You can check the first few and final few characters of the address to make sure it's correct.
- If you are receiving crypto, you may want to use a domain like ENS to make it easier for people to send you crypto. Much easier to send crypto to moonboi.eth than to a long 32-character address.
- Double-check the network you are sending to. If you are using a software wallet, make sure you are on the correct network. If you are withdrawing from a centralized exchange, make sure to check that you are withdrawing to the right network.
Bonus: Who Should Keep Crypto on Exchanges?
Of course, you want and need to use centralized exchanges – and most of the time they are perfectly safe, especially if we are talking about the biggest ones. There are a few instances when keeping some money on a CEX is considered an ok security practice:
- If you hold some of the platform tokens like BNB or FTT, you receive discounts on fees.
- If you are an active day-trader, you need to keep your capital on a CEX to trade.
- If you want to swap crypto or bridge it. CEXes are often cheaper (and safer) than decentralized bridges.
- If you are using staking services, your crypto will be in the exchange's cold storage.
- If you are simply very forgetful or not careful with your self-custody and do not trust yourself to keep your crypto safe. Also, if you are traveling, you may not want to think about your hardware wallet all the time.
You can never be perfectly safe with any online money, but you can reduce the risks and the attack vectors. Keeping your crypto safe is actually pretty easy if you follow a few basic rules — and this guide will help you to protect your crypto even in a bear market.