How to protect your crypto from hacks, scams, and phishing
Every now and then we hear a newsworthy story of a victim losing a considerable sum of his/her Bitcoin. The majority of these cases were the result of an indirect hack, a phishing incident or a scam.
In hindsight, all of these incidents are easily avoidable with the right security measures in place.
Bitcoin security
Protecting your Bitcoin can sound like a daunting task, but it involves the same precautions and best practices you should take with your online banking.
Step one: Choose a reputable and trusted company
The first step to protecting your Bitcoin is ensuring you choose a reputable company to buy, sell, spend, store and manage it.
Before handing over your money or details, it's always a good idea to do a sanity check of the company:
Look for a company with a proven track record
Verify the identities of owners and employees on LinkedIn
Check for registration with authorities (e.g. FCA in the UK)
Consider the company’s procedures for verifying customers and preventing crime
Research venture capital firms invested in the company
Many security breaches in this space could have been avoided with extra security measures in place. Make sure you're comfortable with the preventative measures in place to protect your money (and data).
Step two: Protect yourself from hackers
Great security doesn't stop with finding a reputable company. If you don’t do your part to protect your account, no amount of back-end security will prevent hackers stealing your Bitcoin.
It’s a bit like keeping your home safe. Even the most high-tech door lock won’t keep you safe if you leave the door wide open. Hackers tend to exploit the weakest link in any security system.
With a few simple considerations, you can improve your security by tenfolds:
Stronger password security: use an unusual password with at least 16 characters and never ever share it
Turn on two-factor authentication: this means no one can access your account without access to your phone
Protect your email account: use a secure, unique and complex password and turn on two-factor authentication
Lock your account: if you suspect your account is compromised, lock it.
Step three: Learn to spot scams and phishing
Phishing attacks happen when criminals create a website or email that looks like it belongs to a trusted company. Using this imitation, they then deceive you into giving them important details, including your sign-in or payment information.
You might receive an email from your Bitcoin Wallet provider asking you to check some recent activity. When you click the link in the email, it might ask you to re-enter your payment details. If you do this, the criminals have your information.
This isn't limited to Bitcoin or cryptocurrencies
Phishing activity has been a growing concern across the whole of the internet.
They look real at first glance and ask customers to sign-in to their accounts. If someone does this, criminals can then log into their account and steal from it.
While it's not the fault of the company the phishers are pretending to be, phishing can still harm the reputation of a legitimate company because people may not understand that the attack came from elsewhere. The only step trustworthy companies can take is to try to educate everyone about phishing. But it’s up to you to take extra care of your access details.
To avoid becoming victim to a phishing attack:
Always check the URL of a website before signing in or clicking an ad
Enter the URL directly rather than googling the company name
Never share your password or payment details by email or message
Pay attention to your intuition — if something feels wrong, double check it
Don’t offer your details without reason and be careful with sensitive information (e.g. your PIN)
Check the address before replying to emails
If you’re unsure about a website, try signing in with a fake password.