By Rob McNealy
Many people stay away from crypto out of the fear of being scammed. That’s understandable, given the amount of crypto fear porn put out by the legacy media. The truth of the matter is, blockchains are very secure, as the encryption protocols that secure them are bank and military grade.
Most scams or hacks that have occurred around crypto are not from some fault or insecurity of blockchains, but rather involve social engineering or a third-party centralized exchange with poor security on their internal processes and systems. Other crypto problems involve poor key management, malware, and even user errors.
Social engineering is when a person is manipulated into giving up important personal information which is then used by the hacker to access accounts or other information which is used to access accounts.
The best ways to combat these hacks are:
- Assume the worst about people until proven otherwise; be aware that hackers are lurking around, and most prominent crypto people and services have dozens of scammers attempting to impersonate them.
- Do not click on emails from unknown sources. Call the company back from their published contact methods to verify if you are concerned.
- People promising ‘get rich quick’ or fast cash schemes are usually bogus. Legitimate investments or projects won’t send unsolicited emails or spam you from anonymous accounts either.
- Keep separate devices for managing your crypto and for doing email/web surfing. If you are unable to do that, always keep your hardware wallets like Ledger disconnected from your device and turn off your web and browser extension based wallets like MetaMask while surfing.
- Don’t send strangers your crypto or your keys. If someone has a great offer for you but requires you to send them a fee or some crypto to them up front for you to take advantage, it’s a scam.
- Install an antivirus software and keep it up to date.
- Enable two-factor authentication on all crypto accounts and email accounts.
- Avoid all paid “signals”, forex or other “investing” groups. These groups are typically scams associated with illegal pump and dump schemes.
- Run from anything to do with “cloud mining” is usually scam. You can’t mine from your phone, or pay a stranger to “unlock” mining profits for you.
- Ignore groups that use MLM style marketing to promote investments, they are probably a scam or an illegal Ponzi
The largest crypto hacks have typically happened on centralized exchanges, usually foreign ones. That doesn’t mean that all foreign or small centralized exchanges are bad or riskier.
Americans often use foreign exchanges to buy crypto because new crypto projects aren’t big enough to be listed on American exchanges, so savvy investors looking for the next Shiba Inu or Dogecoin, have to go to off-shore exchanges that are willing to list newer crypto projects like TUSC.
The best way to protect yourself from scam exchanges is to remember the often-recited mantra: “no keys, not your crypto.” What that means is that when you send your crypto to an exchange, you no longer control the coins, the exchange does. The best advice is to never leave your crypto on an exchange, and always move it to a wallet which you control the keys to. That is the safest bet. Exchanges are the biggest target for hackers, and they can’t steal your coins if your coins aren’t there.
Rob McNealy is an entrepreneur, 2A supporter and co-founder of TUSC, a 2A-friendly crypto payments and NFT project, and Krappy Art, an NFT and digital art collective. Rob lives in the Salt Lake City area with his wife, four kids and their ferocious guard doodle. You can listen to his podcast or follow him on Minds and Twitter.