
That may sound intimidating, but the good news is that just a few small changes to how you manage your accounts can greatly reduce your risk. These tips don’t just apply to your crypto accounts either; they can help secure your entire digital life.
Common Threats: What You’re Up Against
One of the most serious risks is something called an “account takeover” (ATO) — when someone else gains access to your account and uses it to commit fraud. A particularly frequent method used by bad actors is the “SIM-swap” attack.
In a SIM-swap, a scammer contacts your cell carrier and impersonates you to trick them into transferring your phone number to a new SIM card — one they control. Once they’ve hijacked your number, they can intercept your text messages, including two-factor authentication (2FA) codes sent via SMS. Combined with stolen passwords, this gives them a dangerous level of access to your email, financial accounts, and more.
There are simple, proactive steps you can take yourself to make your accounts far more resilient.
Step 1: Use a Password Manager
Strong, unique passwords are your first line of defence. Aim for at least 16 characters with a mix of symbols, numbers, and letters. Instead of trying to memorise complex passwords, use a trusted password manager like Bitwarden to generate and store them securely.
Step 2: Enable Strong Two-Factor Authentication (2FA)
Two-factor authentication adds an extra layer of security by requiring something you know (your password) and something you have (like a device or key). When possible, use the strongest form of 2FA supported by a platform:
Best option: A hardware security key like a YubiKey
Good alternative: An app like Google Authenticator or Duo Security
Do not use SMS 2FA.
If a service doesn’t offer any form of 2FA, it may be time to reconsider using that provider.

Other Smart Habits for Staying Safe
Be discreet
Avoid flaunting your crypto holdings online. Just as you wouldn’t broadcast winning the lottery, don’t share your assets or wallet details in public forums or social media.
Watch out for scammers
Some fraudsters will impersonate customer support reps to trick you into handing over sensitive info. Reputable customer service reps will never request your password, 2FA code, or remote access to your computer.
Double-check URLs
Phishing websites are common ploys. Make sure the link you’re about to click is legitimate. Before entering credentials:
Look for subtle misspellings or extra characters in the web address.
If you’re clicking a link from an email, copy and paste it into a plain text editor to inspect where it’s really taking you.
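The two checks above can also be done in a few lines of Python. This is an added example, not part of the original article: the function names and the `TRUSTED` list are assumptions, and the sample links are constructed. It prints the host a pasted link really leads to and flags misspellings, extra characters and the `@` trick.

```python
from urllib.parse import urlsplit

# Assumption: the sites you actually hold accounts with (constructed list).
TRUSTED = ("bitwarden.com", "example.com")

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def inspect_link(url, trusted=TRUSTED):
    """Return the host a link really points to, plus reasons to distrust it."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not https")
    if parts.username is not None:
        warnings.append("text before '@' is not the site; real host is " + host)
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode host, may display as look-alike characters")
    # A match means the host is a trusted domain itself or a subdomain of it.
    match = next((d for d in trusted if host == d or host.endswith("." + d)), None)
    if match is None:
        for d in trusted:
            # Compare the same number of trailing labels as the trusted domain has.
            tail = ".".join(host.split(".")[-len(d.split(".")):])
            if 0 < edit_distance(tail, d) <= 2:
                warnings.append(f"'{tail}' looks like '{d}' but is not")
            elif d in host:
                warnings.append(f"'{d}' appears inside a different host")
    return {"host": host, "trusted": match is not None and not warnings,
            "warnings": warnings}

if __name__ == "__main__":
    # Constructed sample links of the kind pasted out of an email.
    for link in ("https://vault.bitwarden.com/#/login",
                 "https://bitwardem.com/login",
                 "https://bitwarden.com@login.evil.test/reset",
                 "https://bitwarden.com.evil.test/"):
        print(link, "->", inspect_link(link))
```

A link counts as trusted only when its host is one of your listed domains, or a subdomain of one, and no warning was raised.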
Bottom Line
A few smart security steps, like using a password manager and upgrading your 2FA, can significantly reduce your risk of fraud or theft. Pair those steps with vigilance, and you’ll be well equipped to protect your crypto and your digital identity.
Stay safe out there.