Scammers send emails spoofed to look like they are from trusted companies and crypto exchanges, asking you to click on a link, or provide sensitive information.
If you click that link, you get taken to a fake website, which looks genuine, and if you enter your details , the scammers will then gain full access to your crypto account.
Always double check the sender’s email address, never click on suspicious links. Be aware that scammers can easily spoof an email address to make it look like it came from, for example, @coinbase.com, but the link might take you to something like colnbase.com or coiinbase.com or coinbaze.com or coimbase.com, all of which look like coinbase.com at first glance, but are not.
No legitimate exchange will ever ask for your private keys, or for your password (other than when logging in).
As just mentioned, a link in a fake email might take you to what appears to be the legitimate crypto exchange you are used to, but scammers can create websites that look just like the real thing.
Their sole purpose is to steal your funds the moment you make a deposit.
Always verify the website’s URL — ensure your browser is not hiding the URL, look carefully at it.
It is always best to go to the URL you know rather than clicking from a link.
Scammers lure you in with promises of doubling or even tripling your investment in a short period.
Some will say if you send us some ETH then we shall send back to your wallet ten times that amount. No legitimate company can even afford to do that.
Never send ETH or BTC or any other crypto to get back more — you will just lose the crypto you sent, forever. Remember, if something sounds to good to be true, it is most likely a scam.
Always do thorough research before investing in any project. Remember there are no guaranteed profits in crypto currency.
Fake Initial Coin Offerings are another major scam. Fraudsters create impressive-looking websites, and white papers promising revolutionary technologies.
The reality though is that these projects often vanish overnight, having taken your investment with them.
You will never see your money again that you invest, certainly never see a profit.
Verify the legitimacy of any project before investing — check with respected crypto websites and avoid anything that no one has ever heard of.
Scammers will sometimes pose as support staff from crypto exchanges or wallets, and trick users into sharing their account details and passwords , or even your seed phrase for your wallet. Official support teams will never ask for sensitive information like that.
Also remember that if you use a hardware wallet, most of the time, the company that made it will not even have your email address. They certainly will not contact you, unless you have contacted them first for some customer support.
Only use their official support channels, which may be via email, Telegram, X.com, the company’s website, the company’s forums, Discord, etc.
And never ever put your seed phrase on your computer, especially never into a website, regardless of who might be asking for it. Only keep it written down on paper at home or in a safe place, or even better, in a metal seed phrase storage device.
By enabling Two Factor Authentication (2FA) on your crypto exchange accounts, you have an extra layer of security.
The site will require a one-time code that only your 2FA device or app on a smartphone can generate.
Alternatively, you might have something like a Yubikey which you plug into a USB port on your computer to get logged in.
Using 2FA makes it much harder for hackers to gain access to your accounts, even if they have your email and password.
Some hot wallets (software) are convenient, but more vulnerable to online attacks. For maximum security, you might be better off using a hardware wallet, which keeps your assets offline.
You connect the hardware wallet to your computer and use software on the computer to complete any crypto transactions, but without the hardware wallet, nothing will work, thus protecting your crypto assets.
Some software wallets might be subjected to hacking, and it is best to keep only small amounts of crypto in them.
If you are trying to access your crypto accounts over a public Wi-Fi, then hackers can intercept your connection and steal sensitive information.
Only use a secure private connection whenever possible, using a good VPN and only use a Wi-Fi that you trust. Most public Wi-Fi should be considered unsafe.
Ensure you always keep your software and wallet firmware up to date, to avoid hacks.
When using your computer at home to access crypto, it is best to use a wired ethernet connection as much as possible to avoid hacks from your neighbours or someone sitting outside in a car who is trying to access your Wi-Fi.