Tips for information security when working with cryptocurrency | Digital Rating Agency
We will call you soon!
  • Tips for information security when working with cryptocurrency

As practice shows, not all cryptocurrency users comply with safety rules, and as a result, many become victims of hackers or their cryptocurrency is lost.

According to our calculations, for the whole time of the bitcoin existence, approximately 20% was lost for various reasons, but it is possible to calculate how many bitcoins were stolen during the same period. It is also about 20%, and this is only publicly reported cases, it is clear that not all of them were made public.

These attacks will not end in the near future - with the current and further growth of the exchange rate your cryptocurrency will be more attractive for hackers.

We have prepared several tips to help you protect yourself: to determine the presence of malicious code on your computer in time and not to lose your money. Of course, it is difficult to follow all the rules, but even following a part of them will already significantly increase your safety level.

Another computer or LiveUSB

загрузочная_флешка.jpg

If you have large cryptocurrency sums, use another computer, do not install third-party software on it - only official wallets and programs from the operating system provider or large vendors. It is better not to use Windows.

Fake accounts in Slack and social networks

Watch out for those to whom you subscribe in social networks. It should be official service accounts. Check whether they are through official websites. Otherwise it may turn out that the page in the social network was created by a hacker and sooner or later you will see a phishing link and use it, thinking it is real. When receiving private messages in Slack from unknown users, be watchful.

VPN

VPN.png

Connect VPN. This is ideal if you can buy some reliable VPS hosting and put OpenVPN on it. If this is difficult for you, you can use one of the recommended reliable VPN-services. Among free options you can use ProtonVPN and TunnelBear, but they have serious limitations on speed and traffic, so it's better to get a paid VPN.

WiFi-router

It is most likely that you use the password "admin" or "1234". If this is so, change it necessarily and as quickly as possible, otherwise intruders, using your router, will shove you phishing sites. Also, update the software on a regular basis.

Browser

If possible, use another browser for cryptocurrency transactions. Do not put any extensions on it, especially cryptocurrency ones - they can substitute sites or intercept what you type on the keyboard. Interesting cryptocurrency websites are to be added to the bookmarks and opened through them, rather than typing the address in the browser line, do not search through the search engine. There is a lot of advertising, some of it leads to phishing sites (sites that are indistinguishable from the real ones visually, that require you to enter a login and password, bank card details, wallets' private keys).

The right smartphone

правильныи_смартфон.jpg

When choosing the phone, pay attention to the Apple phones - iPhone, as well as Google - Nexus / Pixel. All other smartphones are less secure since the elimination of critical vulnerabilities first produced by operating system manufacturers for their own devices (Apple and Google), and then all the other brands (and often it does not happen quickly).

Mobile apps

For cryptocurrency services, use only official mobile apps. You should not use those apps, the developer of which you do not know, and, obviously, do not give them access to your exchange account. It is better not to use mobile applications to store large cryptocurrency sums at all.

Ctrl+C/Ctrl+V

Double check the address of your wallet, that you copy into the partners chat or in the window of any service. Malicious programs or browser extensions can replace the address you need with another, and the money will go to the attacker.

Two-factor authentication

Двухфакторная_аутентификация_.jpg

Always use two-factor authentication. In this case, preference should be given to methods without SMS, for example, the application Google Authenticator or printed codes (but do not forget to save the backup recovery code). Theoretically, hackers can exploit the vulnerability of the SS7 protocol and intercept your SMS messages. But in any case, using SMS-two-factor authentication is safer than not using it at all.

Phishing e-mails

If you received a letter and you clicked on the link in it, never enter your data under any circumstances. Look at the address bar - very often it becomes clear immediately that the address you are on is some kind of strange one. If you clicked on the link in the e-mail and the service is familiar to you, reinsert and open the same site from the bookmarks (it is definitely the right one). Remember that phishing via e-mail is the most common way of hacking accounts. The leaks of the US Democratic Party and almost all known attacks are committed by phishing.

In any case, when you enter your logins and passwords, bank card data or private keys from cryptocurrency wallets, look at the website address and the green SSL certificate next to it.

Safety of cryptocurrency services

Безопасность_криптовалютных_сервисов_.jpg

Try to configure the services you use to the maximum safety level.

There is no guarantee that you are hundred percent safe, but following our advice, you can protect yourself in the vast majority of cases that could lead to the loss of your money.

Rating scores express an opinion of Digital Rating Agency and do not have any fact-finding mission or recommendations to buy, own, sell any of the assets or take any investment decisions. Digital Rating Agency does not undertake any responsibility for any consequences, interpretations, judgements, recommendations and other actions directly or indirectly related to the rating score, the rating assessments from Digital Rating Agency, any summary and conclusions contained in the rating report and rating releases, or the absence of abovementioned. The only source, depicting the real state of the rating score, is the official site www.digrate.com
Creative Commons
Disclaimer
Лицензия Creative Commons
Rating scores express an opinion of Digital Rating Agency and do not have any fact-finding mission or recommendations to buy, own, sell any assets and take any investment decisions. Digital Rating Agency does not undertake any responsibility for any consequences, interpretations, judgements, recommendations and other actions directly or indirectly related to the rating score, the rating operations conducted by Digital Rating Agency, any summary and conclusions contained in the rating report and rating releases, or the absence of abovementioned. The only source, depicting the real state of the rating score, is official site www.digrate.com