If you are new to crypto and NFTs, this can serve as a primer; if you are an experienced user, it will be a review. Whatever your angle, we hope this article is a good refresher on crypto and security practices.
Quick start security checklist:
- Use 2-factor authentication (2FA) for all accounts.
- Split holdings across multiple wallets and accounts.
- Consider using a hardware wallet like Ledger.
- Keep software updated.
- Use strong passphrases instead of passwords.
- Do regular backups.
- Be skeptical of yields over 10% APY.
- Verify NFT collections before purchasing.
- Use escrow for OTC trades.
- Avoid responding to unsolicited technical support offers.
- Diversify holdings to hedge against potential rug pulls.
- Do not talk about your high-value crypto or NFT assets.
- Extravagant purchases attract predators, so avoid showing off.
Use multiple wallets.
Wallets are usually free to make. Store your keys on paper, somewhere you will remember. Seed phrases are best saved offline. But even if they are stored on your PC, make more wallets and store the keys on different devices.
The more spread out, the better. For example, if a hacker gets one of your wallets with $$$ worth of NFTs, they get only 1/3 of your worth and not 100% of it. The same applies to any crypto. Use cold wallets, that is, wallets kept on devices that are not connected to the internet. We currently do not trust Ledger devices and prefer offline computers that cannot auto update. Ledger is nonetheless a popular option; if you use one, exercise great caution and do not store your full net worth on a single device.
Also take care not to lose your private keys accidentally. This is becoming more of an issue as time wears on and devices are swapped out for new ones.
Be cautious about using centralized exchanges.
Centralized exchanges include KuCoin, Huobi, Binance and more. They do not let you own your private keys and for this reason are ALWAYS a high security risk.
For example, if you want to withdraw your funds or use them in some way, they retain control over when you can do that. If their site goes down or new laws come into play, you will be restricted based on those rules.
Recently, KuCoin imposed Know Your Customer (KYC) restrictions and prevented people from being able to use their own crypto! This can happen at any centralized exchange and with any CBDC (centralized cryptocurrency).
Do not sign anything on suspicious sites.
If an email looks suspicious, don't open it. If the sender's email address doesn't match the domain name of the exchange, or looks unfamiliar, don't open it. Delete that email and trust only the exchanges you already use regularly and safely.
If a MetaMask notification pops up, pay close attention to it. If you practice doing this rather than hastily auto-approving notifications, you may save yourself some money and heartache.
Make sure the URL matches
Be very cautious about swaps, especially ones you visit rarely. Websites where you can exchange your crypto for other kinds of crypto are easy to replicate. Some of them have funny-looking URLs. Fraudsters register similar-looking URLs and rely on our poor memory to trick us into using their copycat website. It will take your crypto and your NFTs!
So, ALWAYS verify the URL. This is especially a risk when using social media like Twitter. On Twitter, fraudsters impersonate exchanges, websites, crypto bros and more, and then mislead users into visiting a knock-off website where the victims' wallets are drained.
Not Your Keys, Not Your Crypto
This is the mantra of crypto. If you don't have the private keys, or the seed phrase (12 words or so) from the account creation stage, then you don't really own that crypto. Remembering this, you will stay cautious about exchanges that are centralized and also about what it means to be part of a larger crypto community on Earth.
The Crypto Mindset is About Egalitarianism
Crypto is about removing the middleman (the banks and government), and your job is to enable the free exchange of crypto between people.
Why is this egalitarian mindset important?
Because the middleman works for himself, but Peer to Peer and Open Source treat everyone as an equal, worthy of trading and barter.
Imagine if art were banned tomorrow? Centralization enables a single point of infrastructure to say "No, I won't allow this in the world." Or, similarly, imagine if music were banned tomorrow? Centralization says, "I won't allow you to exchange XYZ because I want a fee first, or you have to abide by my oppressive arbitrary rules."
If some people are not allowed to exchange their power/work for other kinds of power/work, then we have greatly unfair systems, and then everyone will suffer. We also know economies that mistreat their citizens do not exist for very long and often go into great recession and collapse. But that's another story.
Egalitarianism is crypto, crypto is egalitarianism. If it is centralized, it is worthless.