Cryptocurrency market growth is accelerating rapidly. Physical money and investment foundations had most vulnerabilities detected and ironed-out during last hundred of years. And a majority of security issues are covered by institutions like SEC or FINRA. In contrast, an emerging class of crypto-holders is solely responsible for securely storing their funds. It makes them a target for hackers. Considering this, your security and protection depend only on the wallet service you choose and actions you take to ensure you’re safe.
Investment is always a risk
This is especially true for blockchain investments that involve high volatility. Orderbook does a comprehensive research and compliance review of all the projects listed on the platform. A fake or suspicious project won’t get listed on a platform. However, stated above is not a warranty for a project to be successful in a rapidly evolving market. Thus, the rule of thumb about how to invest is:
- If you have reliable passive income, then do not invest over 15% of your net worth. Watch for those invested assets would not be critical for your passive income.
- If you don’t have reliable passive income, then assume your starting investment pool as being zero. Then proceed with adding to your investment pool up to 50% of your monthly income each month.
- Diversify your investment portfolio. Don’t put all of your eggs into a single basket. This decreases your chances to be devastated by the downfall of one single project (the majority of early projects go bankrupt). It also increases your chances for good gains because of lucky investment into skyrocketing projects.
- Don’t bet your money on someone else’s predictions. Reliable information about future moves of the financial markets is money. Why would someone give you free money? Don’t be lazy to do your own research. This is the only reliable way to become a competent investor.
Know what info to share
Orderbook support never asks you to provide your password or private key. In case of security need (changing authentication source) support will confirm your identity using information that only account’s owner knows.
If you receive any emails/calls concerning your account, ask yourself a question “does it makes sense for my service provider to ask me that information?” If any doubts arise, then cease communication immediately and contact your service provider yourself.
Secure your data
The strength of an entire chain equals the strength of its weakest link. All the rules provided below are equally important. Make your computer and phone as safe as possible.
Enable drive encryption
If you use macOS:
You should enable FileVault
- Read Enabling FileVault for instructions.
- It is recommended to select “create a local recovery key” option – do NOT allow iCloud to store your encryption key. Keep the letters and numbers of the key in your password manager.
- Then (still in the Security & Privacy section of system preferences), go to the “General” tab and choose to require a password immediately after sleep or the screen saver begins. This ensures that when you put your machine to sleep, no one can quickly wake it up and start using it.
If you use Windows:
You should enable BitLocker
- Read Enabling BitLocker for instructions.
- Make sure you know your startup PIN, print the recovery key, keep them secure
- Then go to the Control Panel – Appearance and Personalization, click on Change Screen Saver, check the box “On resume, display login screen.”
This will ensure that your laptop content is encrypted and safe. Your password will protect the data. Never tell your password to anyone. You can always forget the password in emergency situations. Do not record it on papers/notebook which you carry with you.
Safe Web browsing
- Keep your operating system up to date.
- Use Google Chrome or Safari as a primary web browser.
- Make sure you don’t have unreliable extensions installed that could spy on all your content (how to?).
- Try not to use the browser’s Save password feature. Use encrypted storages for passwords (1password, LastPass, Passpack or similar).
- The connection should be considered compromised if you see SSL warning in the browser.
- Enable two-factor authentication (2FA, OTP) wherever possible, but avoid SMS authentication – your phone number can be relatively easily stolen using a number of technics.
- Avoid open Wi-Fi networks, use VPN in such locations.
- It’s recommended to use antivirus and not connect your computer to the internet until antivirus software is installed.
- With or without an adblocker, never click on advertisements.
Protection from phishing
Phishing messages contain URLs that link to a fake website that looks just like some service you looked for, but all the information you enter will be stolen.
- Install MetaMask. It warns you if you go to a known malicious website.
- Add Orderbook and all crypto sites you use to bookmarks and use them to open the site when you need. Links in search engines and emails could lead to a fake website.
- Always verify URLs of the services you use.
- Trust only information posted by official sources. Telegram spam bots and phishing sites are the reason scammers get millions.
- Do not trust URLs sent via private messages. Always verify information with a secondary source. Check any suspicious links or files here before opening.
- Never enter your passwords, private keys or other sensitive data on a website that you were sent via message.
Your password is the secret that protects your account and all tokens in it. Orderbook is designed to deny any actions on your account unless a valid password is provided. Neither administration nor our server software can transfer or trade tokens on your account. Orderbook team will never ask for your password or offer you to install some software on your computer.
- Use a password manager (1password, LastPass, Passpack or similar) to store passwords.
- Use a new randomly generated password of maximum acceptable length for each new account.
- Subscribe to notifications on https://haveibeenpwned.com/
- A password that was sent over SMS, Facebook, Skype, E-mail or any other messenger should be considered stolen.
A final thought is about personal security
The best thing you can do is invest into moving to the good neighborhood that looks all nice and clean and has a low crime rate. This will drastically improve your personal safety and quality of life. And never forget it’s the latter that you really want. Everything else is relative.