The keys to maintaining your crypto secure

Conserving your crypto secure doesn’t should be daunting. On this piece. Coinbase VP of Safety, Philip Martin, provides some finest practices to remain one step forward of hackers and scammers.

One of many major advantages of cryptocurrencies is that they permit folks to have interaction in on-line transactions with out the necessity for an middleman like a financial institution or credit-card firm. As a substitute, anybody who desires to ship or obtain cryptocurrency creates a “cryptographic key” — a file containing a random secret code — that may then be used to authorize transactions from their cryptocurrency wallets. If an attacker will get entry to that key, they immediately achieve management the cryptocurrency pockets as in the event that they had been the proprietor. That’s why it’s important to guard your keys should you handle them your self, and lock down your accounts at trusted third-party companies like Coinbase that assist handle your keys for you.

Cyber criminals depend on a variety of methods to attempt to separate you out of your cryptocurrency. They are going to typically pose as somebody reliable and attempt to persuade you handy over account data, a type of on-line menace often known as social engineering. Or they could gather private data you’ve shared on social media to impersonate you and entry your electronic mail or cell phone accounts. These threats pose the largest danger to purchasing and promoting crypto on trusted exchanges. The truth is, the best menace we’ve seen to folks shedding their crypto is human error, not the expertise itself.

Coinbase works laborious to battle fraud from throughout the platform. For additional safety, listed below are steps you may take to make sure your crypto stays in your arms, and solely your arms.

5 easy steps to maintain your crypto secure

Create robust passwords

  • Fundamental: Provide you with lengthy passwords (16 or more characters) that you simply haven’t used elsewhere on the web
  • Higher: Use a password supervisor like LastPass, 1Password, or Dashlane to create and keep in mind your passwords
  • Bonus: Examine to see should you’re utilizing a dangerous password at

Use 2-factor authentication (2FA)

  • Fundamental: Require a one-time 2FA code despatched to your machine each time you login, so that somebody can’t entry your account even when they steal your password
  • Higher: Use an authentication app like Google Authenticator or Authy as an alternative of SMS-based 2FA, as cell carriers have identified safety weaknesses
  • Bonus: name your cell provider and instruct them to place a telephone porting and SIM swapping lock in your account

Don’t make your self a goal

  • Fundamental: Don’t brag about your cryptocurrency holdings on-line, identical to you wouldn’t promote inheriting $50 million
  • Higher: Review your online presence and see how a lot private data somebody may find out about you to steal your id

Don’t fall for methods

  • Fundamental: Hackers posing as tech assist might stress you to your account credentials. Reputable exchanges gained’t ask you for passwords, 2FA codes, or for distant entry to your pc
  • Higher: If somebody reaches out to you and also you’re unsure if it’s a rip-off, you may attain out to [email protected] to verify whether or not it’s authentic. And keep in mind, Microsoft, Google, and Apple won't ever name you about your pc

Examine the URL

  • Fundamental: Scammers create pretend websites that seem like actual exchanges however are designed to steal account data. Double test the online handle earlier than you commerce
  • Higher: Sort within the alternate URL your self relatively than clicking any hyperlinks emailed to you, or use a bookmark in your browser

Be looking out for these frequent scams

Tech assist rip-off

If somebody calls you posing as a Coinbase or pc assist agent, be careful! That is probably a tech assist rip-off. The fraudster will let you know that there’s a virus in your pc or one thing fallacious together with your Coinbase account, and ask you to put in distant desktop software program or present your Coinbase login credentials to allow them to “diagnose the issue.” In actuality, they’ll use the entry you’ve granted to switch your cryptocurrency to their very own wallets. Bear in mind, Coinbase won't ever name you.

A tech assist rip-off utilizing social media chat to steal usernames and passwords from Coinbase clients
Scammers put up pretend 1–800 numbers for Coinbase utilizing Google Adverts and serps. The one authentic Coinbase telephone quantity is listed on
Even should you’re not making an attempt to name Coinbase, these pretend tech assist adverts and telephone numbers should try and socially engineer you into offering entry to your pc or Coinbase account.

Electronic mail compromise

Your on-line accounts are solely as safe as your electronic mail password. If somebody is ready to log into your electronic mail account, they'll ship themselves password reset emails from Coinbase and alter your password to at least one that they management.


Are you positive you’re truly logging into your Coinbase account? Or is it only a lookalike web site designed to steal your login credentials? Phishing web sites, emails, and SMS messages are designed to make you suppose that you simply’re visiting the actual Coinbase web site. However when you test the URL, you’ll discover that it’s one thing else fully, like with the quantity zero rather than the letter “o.”

Caption: A phishing web site impersonating the Coinbase login web page. Despite the fact that the URL contains the phrase “Coinbase”, it’s truly one other area fully.

Pyramid schemes and giveaway scams

If one thing appears too good to be true, it most likely is. Web sites with a pyramid scheme construction promise excessive returns or different rewards in alternate for an preliminary funding of cryptocurrency. However they usually make off with buyers’ cash fully. Scammers will usually pose as celebrities providing to double your cryptocurrency should you ship them a small quantity, however in actuality, when you press “ship” that cryptocurrency is gone without end.

Caption: A Twitter account

t impersonating the movie star John McAfee. Any cryptocurrency you ship to this scammer will disappear without end.

By taking time to know how cryptocurrency works and following some primary safety steps, you can also make positive your crypto stays secure. To be taught extra, go to taught.


The keys to keeping your crypto safe was initially printed in The Coinbase Blog on Medium, the place individuals are persevering with the dialog by highlighting and responding to this story.

Leave a Reply

Your email address will not be published. Required fields are marked *