Keep your crypto secure and be aware of these risks when using online/web wallets
Recently I read a post about how a user on our blockchain lost money as his BSC wallet got hacked. In addition to this, I also came across a number of videos/posts that discussed how people got hacked using MetaMask and the likes.
If you are completely new to crypto, my first piece of advice for you is to never keep all your crypto on exchanges. The problem has been mitigated to a large extent these days as most prominent exchanges use insurance to cover hacking-related losses and also use cold storage to protect funds. However, exchanges are most prone to hacking attacks, and leaving crypto on them will make you vulnerable.
Second, if you use mobile wallets, keep the least amount of crypto on them. Treat it like a current account and have a cold wallet/hardware wallet to store most of your savings. Third, use 2FA authentication for your hot wallets, those that are used on public WiFi (for example a wallet on your laptop).
Now if you are aware of DeFi and have participated as a market maker by becoming part of liquidity pools, then you have used wallets such as MetaMask and Binance Side Chain Wallet. Unfortunately, I am learning that a lot of people keep their crypto on these wallets and fall prey to hackers quite easily. Let's find out how.
Firstly, setting up a MetaMask wallet or a BSC wallet is quite simple. Open the app store on your browser and you can set up either of the 2 wallets mentioned above quite easily. Keep your passkey secure and you are good to go. Logging in and out of the web extension wallet also happens via a username and password.
If you've used UniSwap, then you know that you need to link the exchange with a web-based wallet to access the liquidity pool, for e.g. Metamask. The problem of hacking is quite common with people who keep their browsers open at all times and log in to MetaMask to check their portfolio balance. Once you've logged on to Metamask, you stay logged on till you close the browser. If you keep your browser open and log in to Metamask on public WiFi, then you are making yourself vulnerable.
lock your wallet after you're done using it
There are multiple ways in which you can be hacked. It is now known that governments are spying on citizens using spyware called Pegasus, which can be installed on your phone by a phone call. Mobile phones can be hacked using Sim Swap methods and texts and phone calls made/received by your phone are vulnerable. You should be very careful about what links you click on and what .exe files you open and what documents.
While setting up these online/web-based wallets, do not store your seed phrase/password as a screenshot or on google drive. There is support for these wallets on Twitter! Also, make sure that you do not approve just above any transactions on Metamask for a $100 airdrop!
One has to manage these risks based on their levels of awareness. However, using wallets that remain open after logging in once should only be used to conduct transactions swiftly on a decentralized exchange and not for storage.
In the present scenario, all your devices and connections are vulnerable. Keep your holdings in diversified wallets, mostly cold wallets if possible. Use safe browsers.
Greetings @karamyog, as users of these wallets we must ensure that they have the most reliable security possible to avoid being scammed, no doubt there will always be those who want to steal our money so we must safeguard our passwords very well and not visit unsecured websites.
My strategy is to use these for quick transactions and not store a lot of savings in them. I also want to get a hardware wallet are some stage. Let's see. But ensuring safety of one's funds is one's own responsibility one the world of crypto.
hello @karamyog,
It is said that where there is money there are also scammers, when it comes to security having a culture helps us to prevent our cryptocurrencies from being stolen, usually people who are victims of these scams do it wanting to earn cryptocurrencies at low cost, ie with promises of big profits the scammer places a link to establish a connection with your wallet, once the connection is established the pirates proceed to empty all the funds in that wallet.
Well, sometimes scams can be sophisticated. SIM swaps are complicated and we all have used public WiFi. So sometimes one can get scammed because his her security got compromised unknowingly. Falling prey because of greed is also unfortunate but one must be aware that extra sweet deals are extremely rare and if you're getting one, there must be a catch.
Hi @karamyog
2FA authentication, this for some people may be a bit annoying, and they may even see it as unnecessary, but the truth is that any security we apply never hurts when it comes to our money on the Internet. Because it costs to earn it, and keeping it risk free or at least, as less exposed as possible should be our task.
2FA is a must wherever possible, i personality don't find it annoying and enable it wherever possible.
You are right, the responsibility of holding and securing crypto lies on oneself. There is no third party here.
Greetings my friend @karamyog. Very useful and important tips, sometimes we think we have security of our funds because we have stored the security phrases well and avoid connecting the wallet in fraudulent sites, but we do not take into account how vulnerable the browser can be, I think few take this into account, with what I have read also about the recent scams I will start to take more measures. Thanks for sharing these suggestions.
Same here.. the more one finds out about these hacks, the scarier the picture becomes. I also plan to secure most of my assets soon.
Greetings @ karamyog
Thank you very much for sharing such interesting tips to be able to have more secure our resources. I particularly use a lot Metamask I will keep in mind what you mention because security is very important and I would not want something to happen to my capital for these important and expensive dates.
Thank you very much for sharing
Don't use metamask to store your crypto. Use it as a checking account
Greetings friend, nowadays I have heard about many scams, especially metamask wallets, the tips you mention are excellent and I will surely put them into practice, because I would not like to be scammed having knowledge about what you are talking about.
Thanks for sharing those excellent tips, have a great weekend.
You're welcome
@tipu curate
Upvoted 👌 (Mana: 1/5) Get profit votes with @tipU :)
one of the great tip i noticed is that many people are not always of the importance o the 2FA Authentication in helping them to secure their metamask account. And many metamask users are not always aware of this which this always put their account into risk
I'm not aware if metamask allows 2fa.
Greetings friend @karamyog thanks for the good tips you share with us as we are clear about the security that our wallets must have and yet we neglect this scenario, so your post is a good tool to remember to put trust aside.
Entertaining reading. Regards
👍