Articles

Security essentials

CryptoCurrency Trading Basics  
As part of James’s commitment to helping cryptocurrency achieve mass adoption, we are creating a series of articles for beginners who are just entering the crypto space. 

Here we explain a little more about keeping your cryptocurrency secure, and how to spot various types of scams that are unfortunately commonplace in the cryptocurrency world.

If you watch James’ daily Youtube videos, you may have seen him using the Bybit trading platform to highlight his trades and other up to date information about the cryptocurrency market (and if you haven't, you can subscribe here!)

Cryptocurrency Security Essentials
As you build your crypto portfolio, you must consider the best ways to ensure your funds are secure, and that you do not fall prey to any of the common scams. 

This short guide to the basics of crypto security explains how to identify scams and gives suggestions for best practice precautions that should be taken to protect your digital assets.

THE most important thing to remember, is never give your seed phrases or passwords to anyone. No admin of any reputable project or support on any good platform will ever ask for this.

Basics
When managing cryptocurrency in any exchange or wallet app, it is important to start with the same best practices you should use for Web2 accounts and information. For example:
  • Do not use the same password across multiple accounts
  • Update your passwords regularly
  • Use a password manager, such as Dashlane, to help you create & store complex passwords
  • Use secure networks to manage and access your crypto assets
  • Make sure any apps you use to manage your crypto are always updated to the latest version
These simple tasks will provide a first layer of security, and it is important to remember - never sacrifice security for a few extra moments of convenience.

Scams
Before we get to other best practices to secure your cryptocurrency, we will provide a brief overview of two of the most common types of crypto scams, and share how to spot them.

Phishing Scams
With a phishing scam, a bad actor impersonates an existing organization or website in order to trick you into giving access to funds or other sensitive information. These requests are often phrased as urgent, perhaps saying your account is compromised, or that there is a reward that must be collected now. 

Phishing can even happen on official sites, as it did with the famous PancakeSwap website, when part of their site was hijacked. Here, a popup appeared asking the user for their seed phrase. Despite using the official website, those who entered their 12 or 24 word seed phrase in this hijacked part of the site lost their funds. 

Never give your seed phrase to anyone!

Take the following steps to avoid these:
  • Check the authenticity of emails, make sure the domain is correct.
  • Do not click on any hyperlinks sent by mail, open them on the organizations’ main website yourself. Some scammers use addresses that are just slightly different from the official one - so either double check or open directly on the site.
  • If you are unsure for any reason, do not engage.
  • Contact the support of the organization directly to confirm the message.
  • Use 2FA as a standard in case any password is compromised.
To reiterate. No reputable organization will ever ask for your passwords, private keys or seed phrases. Never give them to anyone!

Community Scams
If you are involved in any online communities around a favorite project, maybe on Discord, Telegram or Whatsapp, it is important to stay alert for potential scams. Many crypto enthusiasts fall prey to imposters pretending to be team members, either to scam money in return for tokens or NFTs that will never be sent, or attempt to extract personal details from them.

Follow these tips to avoid falling victim to these:
  • Most reputable projects have a rule where their team members never DM (Direct Message) you first. If you are receiving direct messages from a project founder, or someone linked to their team, it's normally suspicious and you can assume it is a scam attempt. If you receive an unsolicited message, check either by contacting a moderator, or reposting it in the main chat area.
  • Watch out for unsolicited or spam messages in groups like Telegram or Discord in general. Mostly, if something sounds too good to be true - it is!
  • Never give your private information to anyone in a community.
  • Never send funds to anyone PRETENDING to be a project member without checking their official channels, their website or Twitter. If they have official ways to invest in their token or NFT, then they will never ask you to send funds via a social channel.
  • Some scammers create similar-looking groups, websites or even platforms & wallets in order to scam users. Always double check the authenticity - popularity, reviews and authentic branding.

Best Practices
There are some best technical practices you can practice to further safeguard your assets. Firstly, consider creating a brand new email address that you use solely for working with your crypto assets. This will safeguard you if your email account password is hacked from anywhere else on the internet.

Use strong passwords, especially for exchanges or wallets. These passwords should not be repeated anywhere else, and you can use a secure password manager to help with this.

Whenever possible, make use of 2FA - two-factor authentication for login and managing assets on any platform. You can either use your phone number or an authentication app such as Google Authenticato or Authy.

Choose between a custodial or non-custodial wallet. Custodial wallets mean that you have less responsibility, but the funds are managed by a third party. However, with a custodial wallet you have the possibility to access your funds should you forget or lose your access details.

Non-custodial wallets are more secure, as only you have access to the funds via a private key and seed phrase. With great power comes great responsibility. There is no need to trust a third party, but if you mislay or forget your access details, your funds will be unrecoverable..So never share your seed phrase!

When using a non-custodial wallet, take care to store your seed phrase securely, and offline, perhaps with copies in more than one location.

Consider using a cold wallet rather than a hot wallet for long-term digital asset storage. Hot wallets, such as mobile wallets are online, which makes them easier for day-to-day use, but are vulnerable to online attacks.

Cold wallets or hardware wallets, such as Trezor or Ledger, are offline and normally look similar to a medium-size USB. They are much more secure but the trade-off is with convenience. Theft from a cold wallet would normally require both physical possession of the wallet as well as the access details.

Normally, users holding large amounts of cryptocurrency will keep them in a cold wallet or wallets. As with non-custodial wallets, you will need to store your access details and recovery phrase securely, as if forgotten or mislaid, your funds can become completely inaccessible.

With all wallets, it is also important to remember that any contract you approve with any website is your responsibility. Approving a malicious one can even drain all your crypto, EVEN if you didn't share your seed phrase. So always take care to use reputable, trusted decentralized exchanges or swaps.  

Whilst cryptocurrency is a totally exciting space, the nature of its fast-paced development means that some security aspects lag far behind acceptable fintech standards, and there is no one method to completely secure your digital assets.

Please remember - Often there will be no support to help you in case of serious issues, and potentially no way to get your funds back, so always be careful and double-check at all times.

However, with careful common sense and willingness to trade some convenience for security, you can ensure you have the smallest chance of losing money through scams, hacking, or negligence.

James mentions security practices as part of his YouTube trading tutorials, his Telegram Crypto Guru channel and his crypto masterclasses, along with best trading strategies to get you started on your way to financial freedom!

Join our community for daily updates!

Be safe Gurus!