Security

Don't fall for scammers' tricks! Here are 10 simple security rules.

Blockchain technology offers a high level of security, yet the human factor still exists. Moreover, scammers continuously develop new ways to deceive unsuspecting users. Thus, it's time for all of us to consider how to protect our assets. Blockchain transactions are anonymous and irreversible, which can be both an advantage and a disadvantage. If funds from your wallet are transferred to another wallet, you will not be able to reverse the transaction. Therefore, you need to be particularly careful and remember cybersecurity rules. Only awareness and constant vigilance will protect your money from encroachments. Next, we will tell you about the basic concepts of cybersecurity, the most common threats, and ways to protect against them.

1. Seed Phrase.

A mnemonic phrase, or seed phrase, or "12 words" is a generated set of words issued when creating a wallet. The phrase is generated once and cannot be changed or restored. The seed phrase allows 100% access to your wallet and assets, so it's crucial to keep your 12 words safe and not share them with third parties.

Threat Examples:

An attacker obtains the seed phrase and withdraws all crypto assets, gains access to Web3 signed products, and it becomes impossible to restrict access for the attacker.

Precautionary Measures:

• Do not share your 12 words with anyone.

• Do not take photos or screenshots of your seed phrase.

• Do not enter your 12 words into third-party forms, websites, apps, or anywhere else.

• Keep your phrase on paper or in a personal notebook in the safest place you can find, such as at home with your documents.

1. Private Key.

The private key is a combination of letters and numbers that allows you to control your wallet and assets. Only the address owner should know the private key; it cannot be changed or deactivated. The private key is similar to the seed phrase but is directly related to the functioning of blockchain technology.

Threat Examples:

An attacker who obtains the private key gains access to assets and control over the wallet forever.

Precautionary Measures:

• Do not copy or request your private key from the blockchain unnecessarily.

• If you need the key, store it cautiously, especially if it's on an electronic device.

• It is strictly prohibited to transfer, insert, or publish your private key! Wallet Address

1. Wallet Address.

The wallet address (public key) is a combination of digits and letters for transferring and receiving cryptocurrency. The address is not something secret, but remember, knowing the address, one can find out what assets are stored on it and in what amount.

Precautionary Measures:

Anyone can see all incoming and outgoing transactions; this is public information. Sometimes it makes sense to secure the address with the owner's anonymity.

1. Phishing Web Pages.

Increasingly, you can see phishing websites (clones of originals) that can confuse and harm.

Threat Examples:

A phishing website may attempt to obtain logins, passwords, seed phrases, and other information. Moreover, some websites may steal assets when interacting via Web3.

Precautionary Measures:

• Always check the spelling of the domain name—sometimes it is replaced with a similar one.

• Check for an SSL certificate (lock icon next to the input line).

• Do not follow links from strangers.

1. Cryptocurrency Exchanges.

More and more false cryptocurrency exchanges appear on the internet, offering to store assets with them on very favorable terms.

Threat Examples:

"One-day" exchanges attract users to their websites to receive deposits and then close down.

Precautionary Measures:

Before using any cryptocurrency exchange, study comments and reviews.

1. Telegram Bots and Telegram Chats/Groups.

A popular form of phishing in Telegram involves fake bots using well-known platform and project names.

Threat Examples:

• A Telegram bot offers to make a deposit and receive super profits in just a few hours.

• Some Telegram bots try to gain access to seed phrases or private keys of users through a survey.

Precautionary Measures:

• Use only Telegram bots linked in the official resources of platforms and projects.

Telegram Chats/Groups.

Some users find they are invited to a Telegram chat about cryptocurrencies. Moreover, such a chat has many participants (several thousand) and some activity.

Threat Examples:

• Fraudulent Telegram chats aim to profit from stealing data, assets, and advertising obviously risky financial products.

• Moreover, such chats are designed so that a person asks a question and starts a dialogue, during which they are likely to be deceived.

Precautionary Measures:

• Immediately leave unknown Telegram chats.

• Do not follow links distributed in such chats.

• In Telegram settings, disable the ability to add you to groups.

1. Fake Accounts of Famous People or Project Administrators.

An offender using the name and photo of a famous person or a representative of a well-known project may contact you on any social network.

Threat Examples:

• Offenders post on social networks and messengers, posing as the owner or administrator of a project.

• Using someone else's identity and photo, attackers usually ask you to make a transaction or grant them access to your assets.

Precautionary Measures:

• Do not trust scammers, regardless of who they pretend to be.

• Do not attempt to engage in dialogue; just ignore their messages.

• Do not trust screenshots and photos from scammers, as all this can be easily faked.

• Remember that offers of easy earnings are almost always scams.

1. Tokens Credited to Personal Wallet.

Offenders use special software to track active wallet transactions and credit tokens to the wallet, which may even have a dollar value.

Threat Examples:

Tokens credited to the wallet have the website address in their name. This is intended to make a person visit this website and try to sell these tokens to make money. But once you start exchanging such tokens, all crypto assets will be debited from your wallet. Moreover, the software may gain access to the wallet and continue to debit all incoming assets.

Precautionary Measures:

Do not respond to incoming tokens you did not expect. In such a situation, the safest solution is not to try to transfer or sell them. Simply leaving them on your address, these tokens will not harm you.

1. Websites with Malicious Clipboard Software.

Fraudulent websites may contain malicious software. Downloading files or interacting with such a website poses a risk of infection with malware that will control your computer.

Threat Examples:

Malware most often connects to Windows operating systems and sometimes to Mac computers. Once connected to your computer, malware replaces your copied cryptocurrency address with its own. Not noticing the address substitution, users may transfer funds to a fraudulent address without suspecting anything.

Precautionary Measures:

• Do not visit unknown and suspicious websites.

• If you find that the cryptocurrency address is being replaced when copying and pasting, you should remove any malware on your device or consult a professional.

1. Tests, Forms, and Surveys.

There are certain surveys on the internet and messengers that mislead and try to gain access to your cryptocurrency wallet.

Threat Examples:

A survey or quiz is offered, in which questions are gradually asked, some of which imply that users leave their 12 words or private key, for example, under the pretext of receiving a cash prize. After you disclose your 12 words or private key, your wallet will no longer belong only to you, and scammers will instantly seize all assets.

Precautionary Measures:

Be cautious with any cryptocurrency-related surveys and tests. Never disclose your personal data, passwords, or access to wallets under any circumstances. So, if you know the basic rules of cybersecurity for cryptocurrency transactions and always adhere to them, you have nothing to fear. Stay vigilant and do not forget to share useful information with others.