A single security lapse could lead to complete wipe out of your crypto assets in seconds, with no recovery in sight, warns Nikhil Sethi, founder & MD, Zuvomo, a start-up funding launchpad.
From phishing scams to sophisticated hacks, whether you are a seasoned investor or just starting out, implementing the right practices can mean the difference between preserving your crypto wealth and falling victim to cyber threats.
Whether it's a software wallet installed on a computer or smartphone, like MetaMask, MEW, or Trust Wallet; a hardware wallet similar to Trezor drives; or a wallet on a crypto exchange or platform like MyEtherWallet (MEW) or Exodus to access assets, a single security lapse could lead to complete wipe out of your assets in seconds, with no recovery in sight.
An example of this is the massive hack of WazirX, known as India's largest crypto exchange. In July this year, approximately $234.9 million was hacked from WazirX, and the stolen funds included $96.7 million in Shiba Inu, $52.6 million in Ether, $11 million in Matic, and $7.6 million in Pepe (all cryptocurrencies).
With incidents like these, it's clear that digital assets aren't safe in centralised exchanges (CEX) or custodial wallets.
CEXs contradict the very idea of decentralisation, meaning that a third party has full control over your funds/assets. In fact, if you don't hold the keys, you don't truly own your Bitcoin or assets.
Let's explore the top security practices every crypto holder should implement to keep their assets protected.
Use Cold Storage for Long-term Holdings
If you're holding for the long term, consider storing your funds in cold storage. These are hardware devices that are not connected to the Internet, making them far less vulnerable to hacks and cyberattacks.
Storing assets in a hardware wallet means that your funds remain offline and protected; however, cold wallets may not be convenient for frequent transactions.
Whether it's a hardware wallet or a paper wallet with private keys, cold storage is an excellent option for safeguarding larger amounts of crypto you plan to hold over a longer period.
To enhance security further, it's recommended to use a virtual keyboard to enter your private keys, as hackers can potentially record keystrokes. Some trusted and well-known wallets for cold storage include Trezor, Ledger, and KeepKey, which provide robust security features for your digital assets.
Back Up Your Wallet
Regularly backing up your wallet is crucial in case you lose access to your device, encounter a system failure, or accidentally delete your wallet.
A proper backup enables you to recover your assets even if your primary device becomes inaccessible or if your computer, smartphone, or hardware wallet is lost or damaged.
However, it's important to ensure that you backup all critical information, including private keys, seed phrases, and wallet files, in a secure location.
It's advisable to keep your private keys safe, either on a piece of paper or stored offline. Avoid leaving a digital trace of the key; don't take photos, and don't store it in e-mail or any messaging app.
Ensuring physical security of your keys is essential to protecting your digital assets.
Most wallets provide a seed phrase or private keys that act as your recovery tools and these should be stored in multiple offline locations rather than solely on cloud storage, which could be vulnerable to breaches.
Without taking proper measures to back up your wallet, you risk losing access to your crypto permanently.
Keep An Eye On Blockchain Transactions
The report from Chainalysis highlighted that in 2023, approval phishing scams became more prominent. It's shocking to know that scammers trick users into signing malicious blockchain transactions that enable them to gain access to the victim's wallet.
Hence, it's advisable to always double-check the details prior to confirming any transactions.
Always double-check the details, verify the recipient's address, and take the time to review the transaction fees and amount to ensure that funds are being sent to the correct wallet.
Remember, one mistake could lead to irreversible losses, as Chainalysis mentioned that approval phishing scammers stole $376 million from crypto wallets in 2023.
So always double-check transactions several times before approval. Know that even if the first and last digits of a wallet address seem right, it could be subject to a mirroring (or 'address poisoning') scam, which means that scammers trick users into sending funds to a fake address mirroring the real one.
In fact, it's reported that in August 2024, a crypto user lost $69 million worth of wrapped Bitcoin to such a scam.
We should keep tracking transactions -- using apps like CoinStats or checking manually on the blockchain can help ensure everything is in order.
Additionally, be vigilant against AI scams, which are becoming increasingly common.
Crypto scammers often use images of celebrities or even fabricated personas to market their products. Beware of fake Web sites, fake calls, and unsolicited DMs, emails, and messages.
Always triple-check that the information comes from official sources, including verified domain names and the official handles of the project.
So, if you're ever in doubt about a transaction or receive an unexpected request, pause and investigate further before proceeding.
Triple Check Before Installing Any Third Party Apps/Software
When installing any third party apps or software, always triple-check their legitimacy before proceeding. It's because many apps have been delisted by Apple and Google for stealing user data.
No third-party app should have permission to access your clipboard or email without a clear and valid reason. To further enhance your security, keep your devices and applications updated, as updates often include important security patches that protect against vulnerabilities and potential threats.
Use Strong Passwords
This may seem simple, but it's the first and fundamental step in securing your wallet and funds. Always strive to set an extremely complex and unique password for your account. Password manager tools can help you generate highly complex passwords using a combination of uppercase and lowercase letters, special characters, and numbers.
Avoid using easily guessable information, such as birthdays or common words.
Use Two-Factor Authentication (2FA)
Setting up 2FA: Two-factor authentication is one of the simplest yet most effective security measures. It is a second method of verification that adds an extra layer beyond your password, such as a verification code sent to a user's phone or generated by an app like Google Authenticator.
This step ensures that even if someone gains access to your password, they still can't access your wallet without that second verification. Whether you are a beginner or a seasoned investor, enabling 2FA reduces the risk of unauthorised access to your wallet.
Other common safety practices include avoiding public Wi-Fi when accessing your wallet online, as unsecured networks can expose you to various cyber threats. Instead, consider using a VPN to hide your IP address and location.
A VPN creates an encrypted tunnel that keeps your online activity private and secure, making it more difficult for hackers to intercept your data.
Additionally, regularly check your wallets on blockchain for any unauthorised transactions, and stay updated on the latest news regarding crypto threats or new attacks. This knowledge can help you respond quickly to emerging risks.
Bottom Line
The alarming statistics surrounding crypto scams serve as a reminder of the potential threat that exists. Staying informed about the latest threats and implementing proven safety measures can make a crucial difference in safeguarding your investments.
Ultimately, being proactive and cautious in your approach will empower you to navigate the crypto space with confidence and security.
