How to NOT get hacked and lose all your cryptocurrency

Facebook
Reddit
Telegram

Most people do not get hacked. The minority of people in cryptocurrency are hacked. But hacks of cryptocurrency holders are so common that they are in almost ever news cycle. Here are the tips and tricks to avoid that happening to you. Learn from HEX.com founder Richard Heart, how NOT to get hacked and lose all your cryptocurrency. 

Basic Principle

Hackers and scammers are going to do everything they can to get your Seed Words. On many Ethereum wallets, “seed words” has recently been replaced with “secret recovery phrase” – the two terms are now considered interchangeable. Your SRP is typically 12 to 24 randomly generated words given to you when you create your wallet. For all intents and purposes, those seed words ARE your cryptocurrency. If they are compromised, your will lose all your money. 

So: how are hackers going to steal your seed phrase (secret recovery phrase)?

1. Fake Websites

Hackers and scammers will routinely create fake websites and advertise these fake websites at the top of google search results in order to direct you to dummy website. For example, you do a google search for MetaMask. The scammers will advertise their website as the top result, and if you click this ad, you will install a fake MetaMask app that will entice you to enter your seed phrases and you will lose all your money. 

2. Impersonating Support

Hackers and scammers will go into Twitter and Reddit threads and impersonate support services for well known wallets and dApps. If you go onto these threads asking for help, support or advice you will be inundated with messages from people posing as support services in their username. Then you will likely be re-directed to some kind of form that encourages you to enter your seed phrases as one of several fields in the form. 

3. Fake Airdrops, Rewards & Yield Farming

A slightly more advanced hack can occur when you authorize a Web 3.0 dApp to spend some or all of the cryptocurrency in your wallet. These requests need to be approved by the user, and usually this is done based on some incentive. Common incentives include Airdrops or new tokens, Rewards or Yield Farming (being paid inflation for staking some of your coins). 

If you do not have experience with a website, do not authorize it to spend your coins, ever.

4. SMS 2-Factor Authentication

Although not as prevalent, the use of 2-factor authentication hacking is a lethal way for hackers to get your crypto. This is much harder if you use an authenticator app. But for those of you still using text messages, take note. Hackers have the ability to falsify your identity with your cell phone provider, change your sim card or 2-fa recipient details and then authenticate into your email and more. Never, ever, ever use text messages for 2 factor authentication or your private information. 

What's Next?