As the internet grows and more and more of the mainstream public find themselves on the world wide web, so does cybercrime – making it especially important for crypto investors to pay close attention to personal cybersecurity.
Here is a list of the most important steps a crypto investor – or anyone concerned with their privacy – should take to protect themselves from online predators seeking to access your sensitive data and accounts.
Why OPSEC Is Important for Crypto Investors
OPSEC stands for operations security and is defined by Wikipedia as the process of identifying and protecting critical information that could be pieced together by “adversaries,” or in the case of crypto investors, cybercriminals, who may be seeking to access user’s crypto accounts hoping to steal their funds.
The term was coined by a Vietnam era security team under the order of United States Admiral Ulysses Sharp and is commonly used by military entities around the world to this day. But it’s also become widely used to discuss personal data security needs of ordinary individuals – a growing issue in the digital age where sensitive user data is exposed both on purpose via social media, and without consent via hacks or other data breaches.
Crypto investors need to take personal OPSEC even more seriously, as according to a Google security expert claims, cryptocurrency is like catnip for cybercriminals, due to the added layer of anonymity they provide, making tracing their trail of crime all the more difficult.
Protect Your Assets With This Personal Security Checklist
Despite the very real dangers, crypto investors can take a number of steps in order to protect themselves from any would-be attackers.
$crypto OPSEC checklist:
1) Secure email provider (protonmail, tutanota).
2) Different emails / different strong passwords.
3) Never link phone to $crypto platforms.
4) 2FA (NOT linked to phone).
5) Cold storage, only keep necessary on exchanges.
6) Offline back-ups.
— SalsaTekila (@SalsaTekila) December 2, 2019
First, signing up for a secure email provider is a must. Encrypted services such as Protonmail or Tutanota are recommended. Never use your real name as an email address for sensitive user accounts, and be sure to use a unique email address for your email address that doesn’t match the password of any sensitive accounts.
Protonmail also offers a VPN or virtual private network service, that can mask a user’s IP address, further protecting privacy.
Never link your phone number to a cryptocurrency exchange platform in any way, as hackers have begun targeting users via SIM-swap attacks, gaining access to a user’s phone in order to intercept SMS-based two-factor authentication codes.
In fact, SMS-based two-factor shouldn’t be used at all, and Google Authenticator should be used on a separate, offline device, with any and all authentication codes backed up offline for safekeeping.
Related Reading | Crypto Hardware Wallets on Sale During Cyber Monday
Keeping crypto-assets off of exchanges in a cold storage wallet is also recommended, as even if hackers are able to gain access to your account data, there won’t be any crypto assets to steal. This also protects from the exchange itself from potentially being hacked, resulting in a loss of funds.
Always keep crypto assets offline in cold storage, never disclose how much cryptocurrency you are currently holding, and never invest more than you can afford to comfortably lose.