Altcoins Talks - Cryptocurrency Forum

Learning & News => For Beginners => Basic Questions about Cryptos => Topic started by: PrivateKayla on September 17, 2024, 04:23:38 AM

Title: What are your security "non-negotiables"?
Post by: PrivateKayla on September 17, 2024, 04:23:38 AM
I read a ton of articles on how to be secure in crypto transactions when I started. The common recommendations are:
1. Don't use a public network while transacting.
2. Use strong, unique passwords. Don't use the same ones.
3. Use a (paid) VPN.
4. Invest in anti-malware, anti-virus, and anti-spyware.
5. If possible, use a dedicated device for crypto alone.
6. Use a secure browser.
7. Never click on unknown and unsolicited links.
8. Enable 2FA in your accounts.
9. Always check URLs.
10. Spread out your funds.

These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.
Title: Re: What are your security "non-negotiables"?
Post by: joniboini on September 17, 2024, 04:41:26 AM
What kind of networks are you referring to by "public networks"? Something like a public hotspot? I agree that using public wi-fi is not recommended, simply because you don't know whether the network is secured properly or not. Even if you don't use your device to manage your crypto it's still a bad idea to use public wi-fi, especially if it's an open network. CMIIW.

As for VPN, I think it depends on your needs. You don't necessarily need a VPN to send your transactions. There are alternatives like DNS encryption if you care about accessing blocked websites.

I also don't think you need to buy three separate pieces of software to protect yourself from malware, just be careful with phishing attacks, verify downloaded files properly, and use Windows Defender or Malwarebytes if you want to scan your files. Some antivirus software slows down our computer while offering little to no improvement compared to Windows Defender if you use Windows. At the end of the day, your awareness is the most important to avoid viruses/malware. CMIIW.
Title: Re: What are your security "non-negotiables"?
Post by: TomPluz on September 17, 2024, 05:25:49 AM


I agree with most of your recommendations and there is really a need now to spread more information related to security so we can avoid being hacked or scammed, as we invested money, time and effort for our coins and tokens and we are looking to the time when they can provide us financial freedom and NOT to lose them to scammers who are just lurking in the dark corners of the online world. Now, in addition to what you listed here, another thing is to never use CEX/DEX exchanges as a wallet, as they should be used for what they are good at and that is exchanging. Plus, one should be using a non-custodial wallet as this can be another layer of security we can take advantage of. Above all, never trust anyone online, and one must look for good reviews before using anything, whether they are apps, exchanges or any other crypto-related platforms.
Title: Re: What are your security "non-negotiables"?
Post by: bitterguy28 on September 17, 2024, 12:04:28 PM
These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.
I think a lot of people already know this, but for those who are still not practicing it, I recommend storing your seed phrase somewhere offline. Do not just take a screenshot and keep it on your device; the moment your device gets compromised, there is a big chance your wallet will be easily accessed.

Make sure to also update your devices to the latest software, just to ensure that any security measures are up to date. Another thing I tend to be more careful about now is connecting to public internet. So much of our data can be accessed from public Wi-Fi, so as much as possible avoid connecting to it.
Title: Re: What are your security "non-negotiables"?
Post by: ABCbits on September 17, 2024, 12:07:30 PM
Aside from common security practice, I would never share a wallet private key/recovery words with multiple persons just to save some TX fee. I've seen some people claim they do such a thing when they got caught operating multiple accounts.

4. Invest in anti-malware, anti-virus, and anti-spyware.

Those 3 usually refer to the same thing. But FYI, some of those actually are spyware where they collect and sell your data. Here's an example: https://www.tomsguide.com/news/avast-avg-data-collection
Title: Re: What are your security "non-negotiables"?
Post by: Jating on September 17, 2024, 01:37:13 PM
Use open source wallets like Electrum and verify it first before installing. Buy a hardware wallet if you are going to store a lot of Bitcoins or crypto in general for a long time.

Don't trust, but verify. Back up your keys and mnemonic phrase in different places and do not save them online. If you are going to use your mobile phone as a crypto wallet, don't put a large amount on it, as our mobile phones are always online.

I think for now, those are the best known methods or practices that I can think of.
Title: Re: What are your security "non-negotiables"?
Post by: Lucius on September 17, 2024, 03:59:20 PM
I read a ton of articles on how to be secure in crypto transactions when I started. The common recommendations are:
1. Don't use a public network while transacting.


Even better, never use them because there is a big risk that you will connect to a hotspot that is actually under the control of a hacker who can then steal all your login information.

https://en.wikipedia.org/wiki/Man-in-the-middle_attack

2. Use strong, unique passwords. Don't use the same ones.

For each service you use, you should have a unique e-mail with a unique password, and of course a strong and unique password on that same service. This data should never be stored online or as plain (unprotected text) on any device.

3. Use a (paid) VPN.

I'm not saying that it won't be helpful, but what if most VPNs are actually just a cover for those who just want to spy on us that way? Regardless of whether it's true or not, the fact is that those behind VPNs probably keep a lot more of our data than they admit.

https://www.altcoinstalks.com/index.php?topic=324120.msg1626176#msg1626176

4. Invest in anti-malware, anti-virus, and anti-spyware.

Perhaps a good security suite would be the right solution - one that has good AV, anti-malware and of course a firewall. A lot of different security solutions from different manufacturers can sometimes be counterproductive.

5. If possible, use a dedicated device for crypto alone.

It makes sense, in fact it is recommended, but not everyone can afford two computers.

6. Use a secure browser.

What is a secure browser? I assume that maybe you mean one that is open source, and one that is not too destructive to privacy like Chrome.

7. Never click on unknown and unsolicited links.

Never, even if you get an e-mail from some super famous person who sent you a bunch of money and just wants you to click on a link to get that money ;)

8. Enable 2FA in your accounts.

Good additional protection, but 2FA is not bulletproof - whether it's authentication via e-mail or SMS, so it's better to use other methods like authenticator apps.

9. Always check URLs.

Related to that "don't click on suspicious links", and of course in cases where it is about very important (sensitive) links, each one should be checked in detail before entering your login information.

10. Spread out your funds.

This is smart, especially in the event that we are physically attacked and the attacker requests that we give him access to the wallet - a good wallet like some hardware wallets will always have the option of having more hidden wallets that can remain hidden in such situations.

These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.

Always check if the address to which we send/receive matches the one that is part of our wallet - in other words, beware of clipboard malware. Also, a BTC transaction must have at least 1 confirmation on the blockchain (preferably 2 confirmations) to be considered complete (irreversible). I mention this because of a possible double-spend attack, namely the same coins can be spent again if the previous transaction has not been confirmed.

+1
Title: Re: What are your security "non-negotiables"?
Post by: Themepen on September 17, 2024, 04:27:15 PM
Use open source wallets like Electrum and verify it first before installing. Buy a hardware wallet if you are going to store a lot of Bitcoins or crypto in general for a long time.

Don't trust, but verify. Back up your keys and mnemonic phrase in different places and do not save them online. If you are going to use your mobile phone as a crypto wallet, don't put a large amount on it, as our mobile phones are always online.

I think for now, those are the best known methods or practices that I can think of.
I totally agree with this advice.
Using open source wallets like Electrum is safe because many people check code. Checking software before installing makes it even safer. For storing a lot of cryptocurrency use hardware wallet. It keeps your money offline protected from hackers. Always double check transactions. Do not trust anyone verify everything.

Save backup phrase in multiple safe places like USB drives or paper. This way we will not lose our money if something goes wrong. Using our phone as crypto wallet is convenient but risky especially for large amounts. Phones are vulnerable to online attacks.

To stay safe:
 Use strong passwords and two factor authentication (OP added)
 Keep software up to date
 Regularly check accounts
 Avoid suspicious links and emails (OP added)
 Consider multisignature wallets

Following these tips will help keep our cryptocurrency safe.
Title: Re: What are your security "non-negotiables"?
Post by: Gurujebs on September 17, 2024, 04:38:15 PM
I read a ton of articles on how to be secure in crypto transactions when I started. The common recommendations are:
1. Don't use a public network while transacting.
2. Use strong, unique passwords. Don't use the same ones.
3. Use a (paid) VPN.
4. Invest in anti-malware, anti-virus, and anti-spyware.
5. If possible, use a dedicated device for crypto alone.
6. Use a secure browser.
7. Never click on unknown and unsolicited links.
8. Enable 2FA in your accounts.
9. Always check URLs.
10. Spread out your funds.

These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.

This particular one is underrated, but my advice is to never log your wallet details into another person's phone. Don't import your seed phrase into another person's phone and never even dare try it with your private keys, because I have seen a situation where friends became enemies: one imported a wallet on the other and later deleted the wallet, not knowing the friend screen-recorded everything and later has access to the phone.

In addition, avoid browsers that don't allow adblock. There are instances where some browsers that are not strong auto-download things that may cause your device to install malware you are not aware of. Be careful and be vigilant.
Title: Re: What are your security "non-negotiables"?
Post by: Sim_card on September 17, 2024, 05:40:32 PM
Be careful when sending funds and make sure that you cross-check the address over and over again to avoid sending it to the scammer's wallet address due to clipboard malware. I will say: don't copy and paste the address that you are sending funds to, but scan the QR code. You should not use your wallet to scan any QR code from random sites. Don't keep your coins in an exchange or with a third party.
Title: Re: What are your security "non-negotiables"?
Post by: |MINER| on September 17, 2024, 07:53:25 PM
You have brought up some important points that all of us who are connected online need to have because nowadays it is seen that people are losing their digital assets due to not taking proper security. In each case it is better to keep your personal data hidden as much as possible and of course to discuss investments less publicly and not to share investment amount and wallet address publicly.  Because many times it is seen that due to sharing such data with others or presenting it publicly, hackers get an opportunity to phish us.
Anyway to your points I would like to add another thing that encryption technology should be used to store the data so that no one can take the encrypted data.
Title: Re: What are your security "non-negotiables"?
Post by: joniboini on September 18, 2024, 08:38:47 AM
Anyway to your points I would like to add another thing that encryption technology should be used to store the data so that no one can take the encrypted data.
Are you referring to something like BitLocker? As far as I can tell, people can steal encrypted data but will need more time and effort to decrypt it. We need other ways to protect our devices to avoid that. I believe there are several ways to reduce the time required by doing additional attacks such as social engineering to trick users into inputting their password for the decryption process, planting a keylogger on a computer, and so on. If I remember correctly, some crypto wallet stealers use keyloggers to steal our funds so encryption won't help much. CMIIW.

That doesn't mean you should stop using passwords to secure your wallet though, that would be stupid.
Title: Re: What are your security "non-negotiables"?
Post by: libert19 on September 18, 2024, 08:52:11 AM
My security non-negotiable is to never share sensitive details with anybody, whether it's pertaining to bank accounts (OTPs, passwords, document details) or crypto stuff (private key, seed phrase).

I have been phished before and I only realized it was phishing attempt when I realized page was asking for private key/seed, and this rule of not sharing sensitive details with anybody saved me.
Title: Re: What are your security "non-negotiables"?
Post by: hugeblack on September 18, 2024, 11:51:58 AM
They seem like AI-written recommendations, some are good advice and some are about privacy enhancement rather than account security but they are general and not about cryptocurrencies as the most important rule is to use a well-reviewed open source wallet that can be trusted.
Title: Re: What are your security "non-negotiables"?
Post by: Lucius on September 18, 2024, 12:42:30 PM
They seem like AI-written recommendations, some are good advice and some are about privacy enhancement rather than account security but they are general and not about cryptocurrencies as the most important rule is to use a well-reviewed open source wallet that can be trusted.

I checked with several AI detectors that are considered reliable and they all give the result that it is a text written by a human. On the other hand, if the majority of those who invest in cryptocurrencies followed all these tips, hackers would give up very quickly because they would succeed in very few attempts to steal something from someone.
Title: Re: What are your security "non-negotiables"?
Post by: ZAINmalik75 on September 18, 2024, 08:42:58 PM
These are also my non-negotiables and habits. What are your non-negotiables for secure transactions? You may have some uncommon ones that can be helpful to everyone.
I don't like antivirus because they don't do the work as they advertised; instead, when you install some, they install unnecessary programs with them, causing system lag. Enabling 2FA for all the accounts is a must and it gives us the chance to recover them when lost. Spreading out funds is also a good method, but then we have to keep the seed phrases of those wallets offline and safe, and when there are more seed phrases then the pressure is also greater.

Using paid vpns and paid anti viruses is a reliable method to secure your data and we should never use public networks in my country. The government provides free internet in some areas and we all should avoid making transactions and even connecting our finance phones with such networks.
Title: Re: What are your security "non-negotiables"?
Post by: |MINER| on September 18, 2024, 08:55:59 PM
Are you referring to something like BitLocker? As far as I can tell, people can steal encrypted data but will need more time and effort to decrypt it. We need other ways to protect our devices to avoid that. I believe there are several ways to reduce the time required by doing additional attacks such as social engineering to trick users into inputting their password for the decryption process, planting a keylogger on a computer, and so on. If I remember correctly, some crypto wallet stealers use keyloggers to steal our funds so encryption won't help much. CMIIW.

That doesn't mean you should stop using passwords to secure your wallet though, that would be stupid.
Actually, I told the data encryption system here, even if you mean BitLocker, I will not say wrong. It is true that some crypto wallet stealers or hackers have that skill even that we encrypted our data they can also steal the key logger and steal our data, fund whatever you said.
But generally, if we store personal data such as passwords or private keys in an encryption method, it will increase our security to some extent. Although, if our browsing is not secure I mean if we browse the internet unsafely then no amount of security protocols can save us from hackers.
Title: Re: What are your security "non-negotiables"?
Post by: PrivateKayla on September 19, 2024, 04:56:30 AM
I hope everyone, especially newbies, can get some solid nuggets of wisdom from this thread. I have learned some new things as well.

Aside from common security practice, I would never share a wallet private key/recovery words with multiple persons just to save some TX fee. I've seen some people claim they do such a thing when they got caught operating multiple accounts.

Those 3 usually refer to the same thing. But FYI, some of those actually are spyware where they collect and sell your data. Here's an example: https://www.tomsguide.com/news/avast-avg-data-collection

This is the first time I've heard of people sharing their private keys just to save on TX fees. Yes, I may have not mentioned it, but sharing these is a big no-no. Thanks for this link. Gives us something to think about.


Anyway to your points I would like to add another thing that encryption technology should be used to store the data so that no one can take the encrypted data.
Are you referring to something like BitLocker? As far as I can tell, people can steal encrypted data but will need more time and effort to decrypt it. We need other ways to protect our devices to avoid that. I believe there are several ways to reduce the time required by doing additional attacks such as social engineering to trick users into inputting their password for the decryption process, planting a keylogger on a computer, and so on. If I remember correctly, some crypto wallet stealers use keyloggers to steal our funds so encryption won't help much. CMIIW.

That doesn't mean you should stop using passwords to secure your wallet though, that would be stupid.

This sounds like a great idea, but will encryption technology be a challenge for those who are not tech-savvy? Or is it something easy to learn?


This particular one is underrated, but my advice is to never log your wallet details into another person's phone. Don't import your seed phrase into another person's phone and never even dare try it with your private keys, because I have seen a situation where friends became enemies: one imported a wallet on the other and later deleted the wallet, not knowing the friend screen-recorded everything and later has access to the phone.

In addition, avoid browsers that don't allow adblock. There are instances where some browsers that are not strong auto-download things that may cause your device to install malware you are not aware of. Be careful and be vigilant.

It is underrated and yes, should be high up there with never sharing your private keys and seed phrases. I've never read this one from articles. I'm glad you mentioned it.
Title: Re: What are your security "non-negotiables"?
Post by: ABCbits on September 19, 2024, 12:06:05 PM
Aside from common security practice, I would never share a wallet private key/recovery words with multiple persons just to save some TX fee. I've seen some people claim they do such a thing when they got caught operating multiple accounts.

Those 3 usually refer to the same thing. But FYI, some of those actually are spyware where they collect and sell your data. Here's an example: https://www.tomsguide.com/news/avast-avg-data-collection

This is the first time I've heard of people sharing their private keys just to save on TX fees. Yes, I may have not mentioned it, but sharing these is a big no-no. Thanks for this link. Gives us something to think about.

TX fees aren't the only reason, but few people actually do or seriously consider that. Here are some examples for the curious reader:
https://www.reddit.com/r/crypto/comments/gi3llq/how_can_i_send_my_private_key_safely_to_someone/
https://bitcoin.stackexchange.com/questions/71096/how-can-you-share-a-plaintext-bitcoin-address-private-key-with-a-friend-and-ensu
https://bitcointalk.org/index.php?topic=5498457.msg64221639#msg64221639
Title: Re: What are your security "non-negotiables"?
Post by: Lucius on September 19, 2024, 03:27:52 PM
I don't like antivirus because they don't do the work as they advertised; instead, when you install some, they install unnecessary programs with them, causing system lag.
~snip~


A program cannot install anything else without your approval, and you can simply reject anything additional that some AV offers you if you think you don't need it. Regarding the load on working memory, I think that today's AV consumes very little RAM (from my experience), but if you have 2 GB of RAM and use W10, you should know that the system itself consumes at least half - therefore, for some kind of pleasant work on the computer today, you need at least 8 GB of working memory.
Title: Re: What are your security "non-negotiables"?
Post by: bayu7adi on September 19, 2024, 05:02:56 PM
I read a ton of articles on how to be secure in crypto transactions when I started. The common recommendations are:
1. Don't use a public network while transacting.
2. Use strong, unique passwords. Don't use the same ones.
3. Use a (paid) VPN.
4. Invest in anti-malware, anti-virus, and anti-spyware.
5. If possible, use a dedicated device for crypto alone.
6. Use a secure browser.
7. Never click on unknown and unsolicited links.
8. Enable 2FA in your accounts.
9. Always check URLs.
10. Spread out your funds.
A more comprehensive answer might be to simply not connect your computer to the internet... this can be done on a dedicated computer that is only used to access the wallet... remember... if the private key is what you are after, then points 2,3,5, and 8 are probably useless... while number 4 is probably more of a preventative measure...

For point 3, paid VPNs don't necessarily provide great security and privacy, but they are definitely better than free VPNs.

Some of the points you mentioned do try to prevent hacking, so they are helpful in some contexts.
Title: Re: What are your security "non-negotiables"?
Post by: Z-tight on September 19, 2024, 11:52:04 PM
I always recommend that people never store a large amount of their funds in an online wallet, it is too risky and any mistake can lead to losses, online wallets should only hold a small amount of your funds, the one you store for spending on the go. A hardware wallet or an airgapped wallet is what should be used for storing a large amount in BTC.