Becoming a crypto super hero can be an exhilarating and rewarding journey.
It's critical to grasp a solid understanding of crypto wallets. Without such, a wallet can be quickly emptied. There is no help line to call or way to reverse a transaction. Remember, only you can defend yourself with knowledge.
"With great power comes great responsibility"
- Peter Parker Principle
Listed in order of what not to do alongside with the correct action to do.
Elaborate scams or impersonation attempts are common schemes used by fraudsters to steal your private keys. Don't fall for it!
Have any more tips? Feel free to contribute.
Send a transaction blindly
Double check the cryptocurrency type, amount, and destination address
Send a large amount to new address
Send a small test transaction firstly
Type a complicated long address
Avoid typos by using a QR scanner or copy/paste an address
Leave your wallet unattended or unlocked
Logout or lock your wallet/device
Blindly trust downloaded wallets
Verify the authenticity of a wallet's hash
Store large amounts of crypto on an exchange or your phone/laptop
Store crypto on a dedicated hardware wallet aka Cold Storage
Use an exchange or 3rd party as a wallet
Reduce counterparty risk by using your own wallet
Carry around too much on mobile wallets
Store only what you need for everyday spending on mobile wallets
Use simple to guess/lazy passwords
Use a "password manager" to generate strong passwords
Type/take a photo/save your seed phrase or private keys anywhere online
Always keep your seed phrase or private keys offline
Share your seed phrase with anyone
Understand that anyone, with your seed phrase, can spend your funds
Forget your seed phrase/private keys/wallet PINs
Backup and write/etch them down on a physical object, not online. Even better, use a metal seed.
Only have one copy of your seed phrase
Keep multiple copies stored at multiple locations
Only have a seed written on paper.
Plan in case of a fire or flood. Use a metal seed.
Click unknown links that might steal your crypto (phishing)
Verify the correctness of a website's address
Use a wallet on an old device which may be full of vulnerabilities
Keep your phone/laptop up-to-date with security patches
Make transactions over public WIFI
Make transactions in a safe environment or over VPN
Use phone number based 2-factor authentication
Use Authy or OTP-based 2-factor authentication
Use your personal email for crypto
Use a separate dedicated email for crypto
Make transactions on insecure websites with only HTTP in the web address
Check for a padlock meaning the website is secure
Mix personal/work devices with lots of crypto
Use a device solely for the purpose of transacting crypto
Don't
Do
Don't
Do
Don't
Do