This article will help you understand common hacker attack methods and effective tips that many people use to protect their crypto assets.
Identifying Crypto Asset Attackers
Common Crypto Scams
Coin98 has published an article listing the 15 most common scams in Crypto today. You should refer to it and take note of it. Although there are many forms, basically, all of those tricks have a pattern of exploiting users’ greed, such as:
- Promising huge profits.
- Entice you to invite more users.
- Ask for your Private keys, Seed phrase.
Direct attack on the project
Instead of scamming users, hackers directly attack and withdraw assets from the project. DeFi is still very young and security measures haven’t really kept up with the explosive growth of this space.
At first glance, this method doesn’t affect you much, simply connecting your wallet to participate in activities such as Swap, borrowing. But it will affect those who are keeping money in the project, such as providing liquidity or depositing money for lending.
So how to effectively secure assets? Here are some tips that can help you:
04 tips to effectively protect Crypto assets
Surely you also know the importance of Passphrase or Private Key, and in fact the way to secure these two things is no different, so in this article, I only use Passphrase as a representative.
If you do not clearly understand the importance of these 2 types of keys, you can refer to the article below.
Learn: What are Private Key & Passphrase? How to store safely and securely.
Choose where to store
After creating any wallet, the first thing you need to do is not deposit money, but store Passphrase. Here are some places you can consider:
- Online: Google Sheets, Google Docs,…
- Offline: Word, Excel, Note on the phone,…
- Physical: Write it down on paper.
The above tools all have different advantages and disadvantages shown in the table below
Encrypting Your Passphrase
If you’ve chosen a suitable storage location, you can write your passphrase down there. But if you still have doubts about security, you can “obfuscate” your passphrase in the following way:
- Select a few characters in the passphrase, then change them to another word or change the order according to a rule only you know.
- Record the encryption method elsewhere.
With this method, even if others can see the passphrase, they won’t be able to access your wallet. But the downside is that you need to remember the “decryption key,” unless you want your assets to remain dormant like how many people let their BTC “sleep” for years.
Another way for those who like to write on paper is to write the passphrase on multiple pieces of paper, then give them to several other people to keep, or store them in a safe. This method is quite secure but quite laborious and requires that those people do not understand anything about the content on the paper.
Using Multiple Wallets for Different Activities
DeFi is an environment with diverse activities. Therefore, if you want to secure your assets, you should have multiple wallets to participate in and experience different projects. If you only use one wallet to store all assets, then use that same wallet to participate in testnet and encounter a scam project, losing money is just a matter of time.
For easy visualization, you can categorize them as follows:
- Main wallet: Divide into many wallets with different functions such as holding top coins (ETH, BTC,…), low cap,… Wallets in this category should be LIMITED in connecting to any project.
- Testnet wallet: Contains a small amount of money to experience products. You can connect wallets in this category to any project.
In addition, using multiple wallets also inadvertently increases your chances of winning Airdrop if you interact with a project that wants to thank users like Uniswap or 1inch. So using multiple wallets is probably something 1 everyone should do. The only downside is that you need to carefully save the passphrase for each wallet.
Using a Separate Email
Email is often not much related to decentralized wallets, but it will be related to CEX exchanges. Many people use one email for many things, from work, private matters, to creating accounts,… So if the email is leaked, it is highly likely that the security of the exchange will also be significantly reduced.
Therefore, you need to create separate emails for separate purposes, so that if they are leaked, the damage will be significantly reduced. In addition, the above reason is also partly why decentralized wallets were born, you should balance between keeping them on exchanges and on decentralized wallets.
Common Cases of Security Incidents
Accessing Scam Applications
Many people like to experience Testnet hoping to have a chance to receive Retroactive, but if they connect to an unreliable application, they will lose assets.
To avoid this situation, you need to:
- Check project credibility: There is no specific way to check, but you can take a quick look at how people talk about the project, or look at the project’s backers, team, or simply look at the web design to see if it’s sloppy.
- Revoke: Revoke helps you completely disconnect from the project. So after you come into contact with the project, it is best to revoke your wallet.
Learn more: What is Revoke? How to use Revoke to secure assets?
Wallet is faulty, Passphrase not displayed
Some wallets have a feature to display passphrase information when the user wants to view it. But on a not-so-good day, the wallet suddenly doesn’t display the information due to some error. At this time, you must not delete the wallet if you do not save the passphrase, but need to contact the project to find a solution.
And that is the reason why we MUST NOT be subjective, we need to save this important information before using any wallet features. Because even if it is a decentralized wallet (no one holds your key), but “not your key, not your coin”, if you don’t even have the key, no one can keep it for you.
Conclusion
Hope the above article has provided you with some more information and tools to protect your assets.
DeFi will increasingly develop, and attacks will also happen more and more. This is an indispensable part to help this space mature and become safer for users. But hopefully you won’t be a part of that process.
