There’s been many successful high profile and high value hacks targeting individuals who hold cryptocurrencies and non-fungible tokens (NFTs). If you’re an investor or holder of these digital assets, it’s imperative you update your digital security today.
When using an investing app in Australia, particularly if you’re investing in crypto, there are a few things you should do to tighten up security of your assets. Remember, storage, access, and physical security of your crypto is your responsibility as it is a noncustodial asset, meaning you are the only one that (should) have access to it.
If your crypto wallet is hacked and your crypto stolen, it’s impossible to get back, the suggestions below will help strengthen your personal digital security.
Don’t be loud about your crypto investments
It can be tempting to brag about your crypto investments, but make sure you’re careful who you tell about your digital fortunes. If you own a lot of crypto, or have some seriously valuable NFTs, you could be the next target for scammers and hackers.
Use a password manager
This is the most basic step of strengthening security across the board, passwords can be, and often are, breached and sold to attackers. This shouldn’t matter too much, as you should never reuse passwords and choose strong ones, but if you have a habit of using the same password across all logins, a password manager will help you tighten your security.
Enable 2-factor authentication and use an authenticator app
Enabling 2-factor authentication (2FA) on every account you own is one of the best things you can do to strengthen yourself from attackers. Even if your passwords are weak, there’s little chance your attackers can get your 2FA codes.
It’s best to use an authenticator app, like Google or Microsoft Authenticator, over using your phone number as “sim swapping” is common. Sim swapping is when an attacker activates your number on a new sim card, beating your 2FA. It’s best to set up multiple forms of 2FA, and some crypto apps can feature up to 3 2FA codes across mobile, email, and authenticator app to complete the authentication.
Use a VPN
VPN stands for “Virtual Private Network”, the best way to think of a VPN is that it’s a tunnel that obscures your real IP address, and replaces it with another. You might have heard of people using a VPN to stream movies only available in other countries, but why you should use a VPN is because of “man-in-the-middle” attacks on public Wi-Fi.
You see, when you use a public Wi-Fi network, all of your information and data is transmitted without encryption, it’s very easy for attackers to pick up that information and use it against you later. If you were to use a VPN, they’d only be able to see your encrypted, protected connection to the VPN server.
Don’t click unknown links
Never click a link if you don’t know where it leads, not on your phone or computer, and it doesn’t matter if it comes through email, text, or a messaging app like Facebook Messenger. The reason is because phishing links can pose as legitimate websites, and any input of details can result in a breach of security. Many people who own high value NFTs or crypto have been successfully targeted in phishing scams, with their crypto or NFT stolen.
Note down your crypto wallets seed phrase, and never share it
Your wallets seed phrase, also known as the private key, is the 12-24 words that appear when setting up your wallet. These words are the ticket into the wallet, and the items it holds, if your phone, laptop, or hardware wallet are ever lost or stolen, allowing you to set it up again on another device.
As a further note to never clicking unknown links, there are a huge amount of scams that purport to be “support services” for crypto wallets like MetaMask, Trust Wallet, Ledger, and others. These “services” will have you fill in a Google Doc that asks for your wallets seed phrase so they can “help” you with wallet issues.
Get a hardware wallet and actually use it
Hardware wallets store your crypto offline, away from the internet, unlike “hot wallets” that are integrated into your computer browser. It’s typical for crypto investors to keep funds in a hot wallet for use in trading, but you should never leave a large sum of money in your hot wallet due to phishing attacks.
Even crypto veterans aren’t safe, the owner of a crypto business had nearly $2 million worth of crypto and NFTs stolen from his hot wallet and sold, whilst everything in his hardware wallet was safe from the attack.