5) Pair your hardware wallet to a full node with a wallet like Sparrow or using electrum personal server
———————-
Most people are fine there but if you have over 10 million usd in BTC you might start to consider further steps in security like a multisig of hardware wallets with 3 metal backups and general steps to secure yourself like getting a PO box and placing all your assets and accounts in companies to unlink your identity to them for privacy like the rich and famous do.
bitusher on
Here is a list of the most common ways people lose money and what you can do to avoid them:
**Most common losses**
1) Leaving your Bitcoin on exchanges or with custodians where your money can be stolen , diluted, or seized. death
Solution = self custody with open source wallets
2) Losing your backup seed words by loss, fire, water , misplacing and losing your wallet at the same time.
Solution = make 2 copies on paper and preferably one on metal and store them in separate locations. Keep them private and secure. Do not try and reinvent the wheel by splitting these words up or encrypting them. If you are concerned about theft than use a proper passphrase.
3) Someone finding your seed words and stealing your Bitcoin
Solution – Use a passphrase of at least 5-7 random words and do the following
4) You getting scammed by sharing your seed words with others.
Solution – Never enter the seed words websites or share with others . This scam is common if you are involved with altcoins as many airdrops and wallet connect and wallet verify apps and sites steal your private keys. Simply avoiding usage of altcoins eliminates most of these threats.
5) Stolen Bitcoin because you lend or stake your Bitcoin with an investment platform.
Solution – Do not get greedy and give your bitcoin for yield or “staking” or lending services
6) Trading your bitcoin for a pump and dump altcoin/token/ ICO
Solution – Do not invest in what you don’t understand and realize that 99% of the cryptocurrency ecosystem is nonsense and scams.
7) Having someone help setup a wallet for you where they steal the keys.
Solution – If you need someones help , than only have someone you trust help you in person and they should walk away when you are writing the seed words/passphrase down and never see your exchange credentials
8) Getting a phishing attack that compromises your credentials on your exchange
Solution – use a unique email your your crypto exchanges/ Crypto purchases vs your personal email. Do not click on links in emails as what you see doesn’t mean you will go there so you need to either manually type a URL , use your own bookmarks, or copy and paste the URL but check for domain misspellings . Be careful with attachments. Check the from field and make sure its from the company they are claiming and realize that even emails from friends can come from 3rd party hackers as their personal email might be compromised and the attacker is using their contact list.
The most common crypto phishing emails refer to “metamask” , “elon musk”, “Trust wallet” , “NFTs, aurdrops, or ICO opportunities” or “exodus wallet” or ransom emails. Simply avoiding altcoins and multicoin wallets avoids most of these scams.
Also watch out for other general scams listed in the pinned FAQ
Solution – Use a hardware wallet and if you cant afford one use a non custodial open source wallet in ios or android as those are more secure environments than windows or macOS.
2) Clipboard malware changing the address in the clipboard
Solution – Check the address with a quick glance to insure it matches what you pasted and better yet use a hardware wallet where you can check the receive address on the screen of your HW wallet
3) Dyslexia/User errors making you lose your bitcoin because you write down the passphrase wrong or seed words wrong
Solution – Practice recovery of your wallet with the seed words by first sending a test balance, wiping the wallet and restoring the wallet. Make sure your passphrase is written exactly how you create it as its case sensitive and any slight deviation will create another wallet.
4) Using a wallet where the developers of the wallet steal your bitcoin or make recovery difficult.
Solution – Only use popular open source wallets that are peer reviewed
5) Making a mistake by sending Bitcoin to an altcoin address or using complicated altcoins with wide attack surfaces where your funds are drained with a malicious or bugged smart contract
Solution- avoid multicoin wallets and try and either use bitcoin only firmware with trezor or bitbox2 or bitcoin only hardware wallets (jade , seed signer, cold card) which have much smaller attack surfaces and don’t have the risk of making a UX mistake
6) Theft with coercion or violence in person
Solution – do not brag about your wealth in any bearer assets and live a more modest lifestyle or at least have much better security . Use a passphrase so you can create a decoy wallet with a small balance to give the attacker
———————————————
**Lower risk of Losses**
1) Using a wallet with an exploit that is compromised/hacked
Solution – Only use popular open source wallets that are peer reviewed.
2) A sophisticated hacker getting physical hold of your Hardware wallet and extracting your seed words from it
Solution – use a passphrase as these are not stored on your hardware wallet so cannot be extracted or hardware wallet with a secure element or blind oracle
4 Comments
Cold wallet
How are you storing it currently?
Security is a spectrum. Here is a normal progression of steps from lowest to highest :
1) Self custody of Bitcoin in an open source wallet you control . List of wallets in the pinned FAQ
https://old.reddit.com/r/BitcoinBeginners/comments/g42ijd/faq_for_beginners/
2) Purchase a hardware wallet for self custody (pinned FAQ has a list of recommended ones)
3) Create at least one metal backup
https://jlopp.github.io/metal-bitcoin-storage-reviews/
4) Use an extended passphrase and do this
https://old.reddit.com/r/BitcoinBeginners/comments/g42ijd/faq_for_beginners/fouo3kh/
5) Pair your hardware wallet to a full node with a wallet like Sparrow or using electrum personal server
———————-
Most people are fine there but if you have over 10 million usd in BTC you might start to consider further steps in security like a multisig of hardware wallets with 3 metal backups and general steps to secure yourself like getting a PO box and placing all your assets and accounts in companies to unlink your identity to them for privacy like the rich and famous do.
Here is a list of the most common ways people lose money and what you can do to avoid them:
**Most common losses**
1) Leaving your Bitcoin on exchanges or with custodians where your money can be stolen , diluted, or seized. death
Solution = self custody with open source wallets
2) Losing your backup seed words by loss, fire, water , misplacing and losing your wallet at the same time.
Solution = make 2 copies on paper and preferably one on metal and store them in separate locations. Keep them private and secure. Do not try and reinvent the wheel by splitting these words up or encrypting them. If you are concerned about theft than use a proper passphrase.
3) Someone finding your seed words and stealing your Bitcoin
Solution – Use a passphrase of at least 5-7 random words and do the following
https://www.reddit.com/r/BitcoinBeginners/comments/g42ijd/faq_for_beginners/fouo3kh/
4) You getting scammed by sharing your seed words with others.
Solution – Never enter the seed words websites or share with others . This scam is common if you are involved with altcoins as many airdrops and wallet connect and wallet verify apps and sites steal your private keys. Simply avoiding usage of altcoins eliminates most of these threats.
5) Stolen Bitcoin because you lend or stake your Bitcoin with an investment platform.
Solution – Do not get greedy and give your bitcoin for yield or “staking” or lending services
6) Trading your bitcoin for a pump and dump altcoin/token/ ICO
Solution – Do not invest in what you don’t understand and realize that 99% of the cryptocurrency ecosystem is nonsense and scams.
7) Having someone help setup a wallet for you where they steal the keys.
Solution – If you need someones help , than only have someone you trust help you in person and they should walk away when you are writing the seed words/passphrase down and never see your exchange credentials
8) Getting a phishing attack that compromises your credentials on your exchange
Solution – use a unique email your your crypto exchanges/ Crypto purchases vs your personal email. Do not click on links in emails as what you see doesn’t mean you will go there so you need to either manually type a URL , use your own bookmarks, or copy and paste the URL but check for domain misspellings . Be careful with attachments. Check the from field and make sure its from the company they are claiming and realize that even emails from friends can come from 3rd party hackers as their personal email might be compromised and the attacker is using their contact list.
The most common crypto phishing emails refer to “metamask” , “elon musk”, “Trust wallet” , “NFTs, aurdrops, or ICO opportunities” or “exodus wallet” or ransom emails. Simply avoiding altcoins and multicoin wallets avoids most of these scams.
Also watch out for other general scams listed in the pinned FAQ
https://www.reddit.com/r/BitcoinBeginners/comments/g42ijd/faq_for_beginners/
——————————-
**Moderate risk of Losses**
1) Malware stealing your Bitcoin
Solution – Use a hardware wallet and if you cant afford one use a non custodial open source wallet in ios or android as those are more secure environments than windows or macOS.
2) Clipboard malware changing the address in the clipboard
Solution – Check the address with a quick glance to insure it matches what you pasted and better yet use a hardware wallet where you can check the receive address on the screen of your HW wallet
3) Dyslexia/User errors making you lose your bitcoin because you write down the passphrase wrong or seed words wrong
Solution – Practice recovery of your wallet with the seed words by first sending a test balance, wiping the wallet and restoring the wallet. Make sure your passphrase is written exactly how you create it as its case sensitive and any slight deviation will create another wallet.
4) Using a wallet where the developers of the wallet steal your bitcoin or make recovery difficult.
Solution – Only use popular open source wallets that are peer reviewed
5) Making a mistake by sending Bitcoin to an altcoin address or using complicated altcoins with wide attack surfaces where your funds are drained with a malicious or bugged smart contract
Solution- avoid multicoin wallets and try and either use bitcoin only firmware with trezor or bitbox2 or bitcoin only hardware wallets (jade , seed signer, cold card) which have much smaller attack surfaces and don’t have the risk of making a UX mistake
6) Theft with coercion or violence in person
Solution – do not brag about your wealth in any bearer assets and live a more modest lifestyle or at least have much better security . Use a passphrase so you can create a decoy wallet with a small balance to give the attacker
———————————————
**Lower risk of Losses**
1) Using a wallet with an exploit that is compromised/hacked
Solution – Only use popular open source wallets that are peer reviewed.
2) A sophisticated hacker getting physical hold of your Hardware wallet and extracting your seed words from it
Solution – use a passphrase as these are not stored on your hardware wallet so cannot be extracted or hardware wallet with a secure element or blind oracle