fullstack_logo

Protecting Crypto: Best Practices

protecting crypto

Protecting crypto is one of the most important elements of crypto trading. This guide will break down the best practices for keeping your cryptocurrency safe.

The launch of the Bitcoin blockchain in 2009 represented one of the most significant financial developments of the last century — the ability for individuals to act as their own “bank,” placing them in full control of their own finances, from storage, to transmission, to the maintenance of the network upon which Bitcoin operates.
With great power comes great responsibility, however.

Cryptocurrency provides users with the ability to be their own bank, but also forces them to be their own security. Cryptocurrency can be stored using a broad range of different methods, but all cryptocurrencies share a common factors: wallet access and management through public keys and private keys.
Public keys are long chains of characters and are used to receive cryptocurrency, functioning as the public “address” of your funds on the blockchain. A private key is a similarly complex chain of characters, but if known can be used to access and spend all of the cryptocurrency within the wallet it opens.

It’s no surprise that almost $1.7 billion worth of cryptocurrency is stolen every year. In this article, we’ll take a look at the ways hackers target cryptocurrency owners and provide a list of the best practices you can use to protect your cryptocurrency holdings.

How Hackers Steal Your Crypto

Bad actors operate with a single goal: accessing your wallet, and draining it of funds. Wallets are generally separated into “hot” wallets, based on centralized platforms, and “cold” wallets, which are disconnected from the internet and are typically found in the form of dedicated devices.

    These are the three most common methods used by hackers to steal your crypto:

  1. 2FA Circumvention/Sim Swapping: Many exchanges use mobile phone numbers as an added security layer. Before a user can log in or transfer funds, an exchange will send a confirmation code via text messages. Hackers often call telecommunications companies and impersonate cryptocurrency holders, diverting their text messages to another device. Using this method, hackers are able to access exchange accounts and drain them of cryptocurrency.
  2. Exchange hacks: In many cases, cryptocurrency holders lose their funds through no fault of their own. If you store cryptocurrency on a centralized exchange, you’re trusting the exchange to store your cryptocurrency in a responsible manner. When the exchange is hacked and loses funds, you’re out of luck.
  3. Phishing Scams: The cryptocurrency ecosystem is home to hundreds of thousands of phishing scams. These can take the form of traditional phishing emails that attempt to defraud users out of their exchange logins, to more insidious fake Android and iOS applications that do the same.

How to Protect Your Cryptocurrency From Theft

The following tips will help you keep your cryptocurrency secure from bad actors and hackers:

Always Use 2FA

If you choose to use an exchange or centralized cryptocurrency trading platform, always use a platform that offers 2FA security. Simply setting up SMS authentication is not enough — always use a dedicated 2FA application such as Google Authenticator.

Use a Hardware Wallet

The long history of cryptocurrency exchange hacks proves an important point: your crypto is not safe on any exchange, regardless of how secure it claims to be. Store the majority of your cryptocurrency on a dedicated hardware wallet such as the Ledger or Trezor series. These devices are disconnected from the internet, never reveal private keys, and are largely considered “unhackable”.

Always use an Extremely Strong Password

Simple passwords are extremely easy for modern hackers to crack. Data published by security expert Troy Hunt indicates that 86 percent of all passwords are “terrible” and are extremely easy to break. When setting up accounts with cryptocurrency services, use a different password for every platform. When protecting crypto, consider using a complex password generator.

Lock Down Your Public Information

Sim swapping involves a large amount of social engineering — hackers will collect as much information as they can about a target, such as date of birth, family member names, etc, and use them when attempting to circumvent telecommunication carrier security authentication. Perform a review of your social media and ensure you’ve set your personal information to the highest privacy settings possible.

Protecting Crypto from Phishing Scams

Never enter your login details for any cryptocurrency related platform on a suspicious site. If you receive an email from a platform that you use, always check to make sure it’s from the correct email address, and only navigate to cryptocurrency exchanges and platforms by manually typing the correct address in the address bar.

Following the above guide will keep your crypto safe from the most common hacking practices. If you’ve been subject to a cryptocurrency hack, it may impact your tax obligations particularly with crypto tax returns. To learn more about the tax implications of crypto exchange hacks, get in touch with Fullstack today.

Was this article helpful?

illustration-Stuart-1
Stuart Reynolds is the founder of Fullstack Advisory, an award-winning accounting firm for businesses leading the future. He is a 3rd generation accountant who specialises in tech & online companies.

Share this Article

Find out more.

Need accounting
help?

Request a consultation and speak to one of our business accountants & advisors. Get clear next steps for your project.

Connect with us

Ask Us a Question?

Reach out to us about any of the topics in this article.

CONTACT US

Speak to our experts

Other ways to get in touch with us.


Your Privacy

Privacy

We will never share your details with any third-party.

This form collects your name contact number and email address so that we can contact with you and provide a quote for our services. Please check our Privacy policy to see how we protect and manage your submitted data.

HEAD OFFICE

Sydney

Suite 63, 388 George St, Sydney NSW 2000

BY APPOINTMENT

Melbourne

120 Spencer St Melbourne VIC 3000

BY APPOINTMENT

Brisbane

310 Edward St Brisbane QLD 4000