The data that is collected by your wallet provider, and the information that is possible to gain from your computer for marketing purposes, can be combined to allow hackers to sneak into your digital wallet.
The possibility of revealing your secret key to your wallet provider is real, and that data can be accessed simply by hacking the wallet provider’s servers or through insider hacking.
There are a number of important safety and security practices that can help to protect your private keys and therefore protect your funds.
First, it is wise to find a wallet with security measures beyond the normal wallet providers. Some wallets are now using encryption to protect the private keys. Companies like Corion have created a code package that encrypts the key data and protects it from insider hacking.
The above company offers a variety of services including a wallet and an exchange, all of which use encryption for private keys. Corion stands for capital online reward incentive optimized network – meaning that the company incentivizes consumers to use the platform by giving them rewards for activity. Corion has also shared the code for their Safety Look Solution so that other wallet providers can offer the same level of security. The details are available on their GitHub here.
Users should always have at least two digital wallets (or even more, depends on the number of crypto funds). One wallet should be used for trading and transactional purposes, and the other wallet should be used to store savings and be kept in a secure location. This type of wallet must be a cold storage wallet. In any way, a backup of the private keys has to be stored safely offline (it’s a good idea to separate the private key into 2-3 parts and store them safely away from each other).
Be careful about where you go online when you’re using a device that has a wallet on it. Dangerous websites and risky wi-fi networks put your wallet at risk. At the same time, do not leave your device unattended, or lend it to anyone.
If your device holding your wallet needs service, be sure to move the funds from the wallet before having the service done. Further, it is wise to change wallets every few months in order to not allow the wallet security to grow thin over time.
Phishing scams through Google Ads and through email are rampant in the crypto world. Phishing scams are becoming more and more elaborate, make sure email received from wallet companies have their domain spelled correctly and never look for their web address clicking on Google ads. Once you send a phishing website your private key you can say goodbye to your funds.
It is always a good idea to turn off auto-updates for applications relating to the crypto sphere. Application bugs can potentially create massive losses for account holders. It’s best to wait 2-3 days after an update has been released to see if any bugs appear. Once the app has been tested by other users, it’s a safe bet that you can install it without risk.
It is best to enable two-factor authentication (2FA) if your wallet allows for it. 2FA is simply a double authentication of who you are. 2FA Authentication can be done in different ways – Google Authenticator app uses a 6 digit code that is changing minute by minute and is unique to you, another option is to add biometric identification like a fingerprint. Whichever you choose, 2FA is very important in order to increase security.
It is important to double-check the address that you send any payment transaction. There are malicious programs that can edit a ‘copy and paste’ procedure in order to paste a different address, the new address belongs to an attacker. It’s usually best to send a micro-payment as a verification, and then send the larger payment to the verified address.
It is important when using a web wallet, to ensure that there is an SSL security mark in the address window of your web browser. This stands for a secure site seal and ensures that your browsing is encrypted. The website should begin with HTTPS, rather than HTTP and you should notice a lock sign next to the URL. Again, security is critical when dealing with digital wallets.
Use a non-public email address for all your crypto accounts including exchanges. For that mail, set up a two-factor verification. As always, make up a strong password (including some unique characters).