Cryptocurrency Security Guide For Beginners

Olga Shirimova
February 14, 2020
Cryptocurrency security guide article featured image

One of the major challenges any cryptocurrency user faces is security. This Cryptocurrency Security Guide will help beginners to protect their coins from all possible threats. Be it their own carelessness, or a cyberattack, or both.

Read it to make sure there are no protection gaps!

Cryptocurrency Security Guide: Intro

Before you start dealing with digital coins, you should be familiar with the basic concepts of blockchain and cryptocurrency. (If you haven’t done it yet, we recommend you to read our other articles first). These concepts are:

If you already know how cryptocurrencies work and even hold some digital coins, let’s see how you can lose them.

Basically, there are two ways to do it. The first way roots in the volatility of coins: your funds can lose most of their value for a reason that lies beyond your control. 

The second way is to overlook some security breaches. Keeping your coins safe is your own responsibility. If you lose your funds because the protection was weak, there will be no central authority to lend you a helping hand. 

Some Facts To Show The Importance Of Crypto Security Measures

  • As cryptocurrencies grow popular, the exchanges dealing with them attract a lot of malicious attention. The year of 2018 was record-breaking: the Japanese exchange Coincheck suffered a major hack. In general, exchanges have to take increasingly sophisticated measures to curb these risks.
  • Cyberattacks become more sophisticated, too. Hackers are constantly evolving and you need to have your protection regularly upgraded.
  • The amount of crypto stolen from exchanges is increasing with every year. In 2018, it was 13 times bigger than the amount stolen the previous year.
  • About 5 million BTC are probably lost forever. Some of their owners just lost their private keys.
  • Crypto investors lost over $225 million to various phishing scams.

With these figures in mind, we should be really serious about protecting our digital funds from the threats. Let’s see what these dangers are and then suggest some crypto security solutions.


The statistics of exchange hacks in 2018 is really scary. Image source: Coindesk

How users lose their digital funds

There are several reasons why you can lose your coins. Below, we offer the most common scenarios. 

Losing, Damaging, Or Forgetting Private Keys

Losing your private keys equals to losing your funds. Passing private keys to another person means passing them control over your cryptocurrency. Unfortunately, many users don’t understand the importance of these rules. They neglect the basic principle of cryptocurrency security.

Ways to lose your coins, according to LEDGEROPS.

Ignoring Safety Measures

Many users are not fully aware that keeping their coins safe is their own responsibility. These people are used to deal with centralized institutions like banks. So, these users ignore the basic cryptocurrency security rules. Besides, they don’t update their antivirus software, use simple passwords and don’t apply additional levels of protection like 2AF. They use public Wi-Fi. In addition, they make no secret of their cryptocurrency-related activity.

Criminal Activity

As we said, criminals keep improving their tactics and strategies, applying the most advanced tech solutions. Here are some methods they use to pocket your money or otherwise use your resources.

  • Ransomware. It encrypts files on your computer and then demands BTC ransom for the decryption key.
  • Phishing. They create fake websites that look like the sites of some service providers you use. You enter your data there, and scammers apply it to steal your coins.
  • Hijacking your session. If you use a Wi-Fi hotspot in a public place, you are in danger. A hacker can intercept your sensitive info. It does not even require advanced skills.
  • Breaking exchanges and other places storing big amounts of cryptocurrency. Any large exchange is a honeypot attracting many hackers. It may be difficult to bypass its security system, but the prize is huge, too. The exchanges with a low level of protection are easy victims.
  • Scams. Criminals often play on human greed and ignorance. They persuade BTC users to invest their money in some win-win schemes, promising quick multiple returns. Often, they pretend to be a decent service provider.
  • Cryptojacking. Hackers use a special kind of malware to use the computing power of your PC for mining cryptocurrency. Naturally, they don’t ask your permission. Most often, they mine Monero or other private coins. 
  • Scam ICO. Bad guys start an ICO, launch a big promo campaign for it and talk investors into buying their tokens with BTC. Sometimes they offer a kind of ‘reference program’, rewarding the investors for bringing new clients. When the scammers have enough money collected, they close the shop. Read more about ICO here.

A typical phishing letter, urging you to update your account details. Image source: RVT6

How to keep your coins safe

Ok, we have outlined the threats you should be aware of. Now, let’s pass to what you can do to protect your coins from them. It’s the main purpose of our Cryptocurrency security guide.

Apply all the recommended cybersecurity measures

The most common of them are:

  • Strong password. It must belong and contain letters, numbers and special characters in random order. And it mustn’t be applied for any other service you use. If you are afraid to forget or lose this password, consider using a good password manager. It’s a service that stores your passwords and other vulnerable information.
  • 2FA (2-Factor Authentication). With this feature enabled, you will have to enter an additional one-time code every time you login or withdraw funds. This code is generated and sent to your phone by the system. Every decent exchange/wallet provider insists on 2AF.
  • Brand-new email address. When you create an account, you have to link your valid email to it. The best thing to do is to create a new email account for this purpose, protect it with a strong password and keep it secret. Never share this address with anyone and don’t use it for another account.

Install Reliable Anti-virus Software

Opt for a full (paid) version. Forget about freeware – this is the case when the cheapest is the dearest. A free version is a demo. Its purpose is to make you familiar with the product and not to ensure 100% protection.  

No Web Games

Hackers know that many gamers tend to sacrifice protection for speed and possess valuable game assets. This fact attracts the attention you don’t want if you deal with crypto. Thus, uninstall web-games from the device you use for managing your digital money.

The best way to ensure your cryptocurrency security is to keep it in a cold wallet. Image source: CoolWallet

Isolate the bulk of your funds

Disconnect your computer from the internet when no transaction is underway. It will keep your money isolated most of the time. To make an attack, hackers need some time. If you are connected only for a short period, it makes their task extremely hard.

If you hold a massive amount of coins (say, for a long term investment), think of buying hardware storage. It’s a USB device that can be connected to your PC anytime you need to make a transaction. At other times, a cold wallet stays disconnected. The most popular hardware wallet manufacturers are Trezor and Ledger, both featuring a very high level of safety.

Use VPN

As you are constantly transferring sensitive information, use VPN (Virtual Private Network) to encrypt its path. Install a VPN client to the device you use for cryptocurrency. Note that not all VPN providers are trustworthy, especially if they offer their stuff free of charge. As we have said, nothing is totally free, and every company has to earn its bread. VPN freeware providers may take their digital toll by collecting your info for marketing needs. Besides, freeware does not ensure the level of protection you look for. 

Choose a Secure Exchange For Trading

If you are going to become a trader, make sure your exchange implements all the safety measures we mentioned above. Besides, make research to check if this platform has a record of successful hacks. The absence of such records means they have an experienced team, able to prevent cyber attacks. We also recommend seeing the About section on the exchange website for the company info. The more details (address, license, policies, etc.) they show, the better.


Phishing links may appear in top position in Google, so take care.
Image source: Talosintelligence

Think Twice Before Clicking On a Link In a Message Or Ad 

Cybercriminals who are after you BTC may send you a message with a malicious link embedded in it. Such a message may promise you something (‘claim a bonus’) or try to make you panic (‘your exchange account is under attack’). In any case, it creates a feeling of urgency and makes you act immediately. You click on the link and get to a phishing site, an exact copy of the site of the official service provider. You enter your password there and – voila! – the hackers get access to your account and your funds.

Therefore, the best tip would be to avoid opening links if you are not 100% sure they are ok. Contact your provider if you have some doubts. Also, pay attention to the address bar of the site where you leave your data. It must have a padlock icon, meaning the communication between the browser and server is encrypted. Phishing sites never have it, only the authentic ones.

You can create a backup of your private key using a special function in your wallet.
Image source: GitHub

Backup Your Private Key

You cannot be too paranoid about your private keys. As you know, losing them means losing your funds. Thus, create a backup of your wallet file (you have this feature in your wallet app). You can save this file to a USB device disconnected from the internet. Another way is to create a paper backup by printing this file. Don’t forget to delete the wallet file from your PC and clear the printer’s memory.

Whatever the method, you must be sure the printout or USB drive lies in a safe place. The best storage for it would be a bank vault. You can also bury it in your garden, but make sure it cannot be found by anyone or destroyed by elements. 

Shoulder surfing is an easy way to copy your data, especially with a phone cam at hand. Image source: Technology.ie

Be Secretive About Your Bitcoins

Don’t discuss your cryptocurrency-related activity in public. For many people, having bitcoins means that you are rich and don’t really deserve it. Few people understand what cryptocurrency is. But most of them heard crazy stories about early Bitcoin investors who made billions. So, if you mention this currency in a conversation with strangers or write about your holdings on your Facebook page, you and your family may become a target.
If you travel around a lot, note that in some countries dealing with cryptocurrency is illegal. So, be shy about your holdings.

Finally, don’t flash your cryptocurrency wallet in public places. If you have to, make sure no one can see the screen of your device. Today, when everyone has a camera on their phone, it’s easy to take a shot of your screen when you don’t see. This practice is called ‘shoulder surfing’

Conclusion

To sum it up, in a decentralized system you are the one who takes care of safety issues. We know that cryptocurrency security may seem too stressful and difficult, it is actually not. There are many convenient tools developed to make your task easier, and they keep improving. 

And remember that it’s important to follow the news. Thus you will be aware of the new threats and solutions that you can use to deflect them.

Latest news

8 Ways To Maintain Cybersecurity For Remote Work

If you are reading this, you are probably working from home. With the recent Covid-19 outbreak causing tectonic shifts in the job market, more and more people are forced to work remotely. With this sudden move to remote work, learning the basic rules of cybersecurity is extremely important, both for employees and their employers. TABLE...

Olga Shirimova
April 3, 2020