How to keep crypto assets safe from cybercriminals?

• Ordinary investors, especially newbies looking to capitalize on the projected rise in Bitcoin to $ 100,000, run the risk of losing money to cybercriminals.
• The easiest way to protect yourself is to never tell anyone the private keys to your wallet.
• Often, small investors send their money to scammers of their own free will, without checking the information and websites received.

"I was hacked. I left my wallet open in a browser on MetaMask and they got into it. Lost all saitama, floki and hokk. "

Small investor @ltjyaussie posted a tweet,who claims that all the SAITAMA, FLOKI and HOKK tokens he purchased were stolen from him. He claims that he has always been careful and has no idea what happened this time or where his savings went. A Cypriot investor was the victim of a systematic attack by hackers, and despite all efforts to protect his wallet, he was robbed.

@ltjyaussie - not the first and not the lasta cryptocurrency investor facing such a challenge in an effort to make money on the crypto market amid the tremendous growth of bitcoin over the past two months. Many of them are newbies.

So what should investors do to stay safe and prevent hackers from stealing their savings?

Never share private keys

Founder and CEO of Digital Finance Group hedge fundJames Waugh, who manages millions of dollars, emphasizes that one of the simplest and most useful rules is "never tell anyone the private keys to your wallet." In a nutshell, private keys are a form of complex password that prevents wallet theft and unauthorized access.

James Waugh warns investors against...using insecure internet connections when making transactions using personal devices such as mobile phones and tablets. This means that when searching for verified sites in your browser, it is worth double-checking their URLs, especially those used for trading. Or you can simply bookmark the most frequently used sites.

“Users are also encouraged to have multiple wallets for storing cryptocurrency,” Waugh advised in an interview with BeInCrypto. This will help"protect user portfolio"and reduce losses in the event of a hack, he added.

Digital Finance Group CEO warned thatclicking on "any suspicious and unknown links when making crypto transactions" can be costly for traders. The point is that “hackers insert malicious links into advertisements and emails,” sometimes even text messages, in order to carry out a so-called phishing attack.

Phishing attacks

There are several forms of phishing, but the most commonit is an event in which the victim, having received an important or intriguing message from an attacker (for example, from a bank), follows the attached link and reveals confidential information to him, posting it on a malicious site. In many cases, users receive emails or messages supposedly from a trusted wallet provider (where they already have an account) asking them to change their password or seed phrase.

Once this information is in the hands of a hacker, he will certainly use it to log into an account in order to steal funds.

More advanced hackers take controlreal sites (like what happened with Pancakeswap). In this case, they hack the site's DNS and then redirect its traffic to a malicious server. That is, the user, following a real link, ends up on a fake site, and all the information he entered falls into the hands of hackers.

“Besides phishing, there are also maliciousmobile applications that have the hidden ability to remember keystrokes by users or observe their actions, ”said James Waugh. "Investors who choose unreliable exchanges to invest or trade also face the risk of losing their money when these exchanges are hacked."

Dust attacks

The 2017 bull market was largelydriven by ordinary investors. Now that, according to Chainalysis, the number of ordinary people investing in cryptocurrency around the world has grown by almost 900% over the past year, small investors are expected to once again play a major role in propelling Bitcoin to the coveted $100,000.

But many of them remain vulnerablefor cyber attacks. One day, Los Angeles-based crypto investor Raul Ayala noticed that a coin called key7 appeared in his crypto wallet, and he had no idea what he should do with it.

“I was advised not to try to sell it, otherwiseshe will destroy my wallet. So I’m not even going to touch her,” an annoyed Ayala tweeted. This is how he avoided the dust attack. This is a new type of malicious activity in which hackers and scammers try to find out the identity of the wallet owner by sending small amounts of tokens to their wallets.

“The number of tokens sent is so small,that they are barely noticeable, and this is where the name dust comes from, ”explains Waugh. "The transactional activity of these wallets is then monitored by attackers who perform a combined analysis of different addresses to de-anonymize the person or company behind each of them."

“Dust attacks can be avoided by using wallets that create new addresses every time a transaction is made, making it difficult to track,” Waugh added.

Ordinary investors are sometimes to blame

Oleg Belousov, CEO of N.Exchange shared the opinion that "the best way [to protect funds] is to have a cold wallet." This is a type of wallet in which savings are stored offline, off the Internet, where most thefts take place.

He suggests storing funds on hardwarewallets such as Ledger or Trezor, although security tests have shown that Trezor can be hacked within 15 minutes of gaining physical access to a laptop or phone.

Belousov advises ordinary investors to keepassets in official coin wallets that they purchase, rather than in "applications that promise to be non-custodian", while often "their source code is closed or not verified."

However, ordinary investors may be to blame for the loss of their own money.

“Believe it or not, most peoplesend money to scammers of their own free will. This means that social engineering (phishing) and high-yield investment programs are responsible for 90% or more of the scams that newcomers fall prey to, ”Belousov said.

Where is it more profitable to buy cryptocurrency? TOP-5 exchanges

For a safe and convenient purchase of cryptocurrencies with a minimum commission, we have prepared a rating of the most reliable and popular cryptocurrency exchanges that support deposits and withdrawals of funds inrubles, hryvnias, dollars and euros.

The reliability of the site is primarily determinedtrading volume and number of users. By all key metrics, the largest cryptocurrency exchange in the world is Binance. Binance is also the most popular crypto exchange in Russia and the CIS, since it has the largest cash turnover and supports transfers in rubles from bank cardsVisa / MasterCardand payment systemsQIWI, Advcash, Payeer.

Especially for beginners, we have prepared a detailed guide: How to buy bitcoin on a crypto exchange for rubles?

Rating of cryptocurrency exchanges:

#	Exchange:	Website:	Rating:
1	Binance (Editor's Choice)	https://binance.com	9.7
2	Huobi	https://huobi.com	7.4
3	Exmo	https://exmo.me	6.9
4	OKEx	https://okex.com	6.5
5	Bybit	https://bybit.com	6.3

The criteria by which the rating is set in our rating of crypto-exchanges:

• Work reliability— stability of access to all functions of the platform, including uninterrupted trading, deposits and withdrawals of funds, as well as the duration of the market and daily trading volume.
• Commissions– the amount of commission for trading operations within the platform and withdrawal of assets.
• Additional features and services— futures, options, staking, NFT marketplace.
• Feedback and support– we analyze user reviews and the quality of technical support.
• Convenience of the interface– we evaluate the functionality and intuitiveness of the interface, possible errors and failures when working with the exchange.
• final grade– the average number of points for all indicators determines the place in the ranking.

</p>