I recently ran into a story on reddit, basically, some guy had 32btc stolen from his bittrex account in what appears to be a phishing attack. so what really happened? well it so happens that the victim tried to login through internet explorer using
the bing search engine, clicked on the first link that was displayed and basically entered his login details, as well as 2FA authentication code as required only to get an error message. long story short, when he finally logged in using a different
browser, he found an empty account. It turns out he initially logged into a cloned account. This experience however bitter has a lot of lessons that can be drawn from it;
Never leave a huge amount of funds on any exchange , this particular horse has been beaten black and blue yet it seems for whatever reason some folks just wount listen, always move majority of your funds into a better secure option, like cold storage.
Avoid typing a site you are looking for into a search engine, rather use the url address bar or copy the url from a trusted location or better still, use a bookmark in your browser.
Setup a Crypto Address Whitelist. creating a whitelist simply tells the exchange to only authorize withdrawals to addresses on the whitelist also note that, when opting into this feature, you must specify a withdrawal address for every digital currency you would like to place a withdrawal from , This can be a bit tedious to use with some exchanges. you can alternatively disable all withdrawals for all currencies... in order to avoid stories that touch.
Set up email confirmations that require additional login and 2FA codes(that is if your exchange supports it). Of course this is
also tedious and takes time when you want to withdraw but then better safe than sorry right?DO NOT click on the first bloody link in a search engine! they are all ads. this applies to all the popular search engines ala google, bing etc. Don't say you have not been warned.
Using a password manager is also recommended, so if you go to autofill password and your password manager has no suggestions, thats an indication that you are on the wrong site and should get the f*** out of there.
It seems so simple to follow these rules. Common sense that is not that common I guess. Thanks for posting.
I believe a lot of folks do not really understand cryptocurrencies per say..even though they have money invested in it
I agree. There is a lot I still don't understand...but I do know it's currency and that means TAKE MEASURES to protect it. Duh. :)
Security is important for every investment.
Congratulations @kumablack! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Award for the number of upvotes
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP
Congratulations @kumablack! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
You got a First Reply
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOP