It’s all too tragic to see the number of news reports there are of cryptocurrency hacks and scams. These cybercrimes have cost the victims billions of dollars in losses.
Hacks and scams have also cast the blockchain industry in a negative light, and undoubtedly cost the sector billions of dollars in losses as well. Cybercrime costs the cryptocurrency industry because of missed growth from negative press coverage and word-of-mouth.
Simply educating crypto users about common best practices when investing and for cybersecurity could substantially de-risk the industry for participants.
Before sharing some important basics and best practices to stay safe from hacks and scams, here is a brief review of what’s at stake:
Cryptocurrency Hacks and Crypto Scams Have Cost Many Victims Their Life Savings
Before sharing some of the best practices you can implement to stay safe from crypto scams and cryptocurrency hacks, here are some examples of what we’re talking about in this article:
In Nov 2022 Adrian Butkus, a 43-year-old father of two, put $600,000 into an account with BlockFi, a crypto asset lender. BlockFi marketed its product as a risk-free way to earn 6.5% interest on deposits. Just days after Adrian handed over a substantial portion of his life savings, the FTX exchange collapsed. BlockFi had close ties to FTX and suspended customer withdrawals, then declared bankruptcy. Adrian doesn’t know if he’ll ever get his money back.
In July 2021 the BBC told the story of “Joseph” (whose real name was concealed to protect his privacy). In his 70s and retired, Joseph wanted to top off his nest egg— enough to buy a mortgage-free bungalow to live out his retirement with his wife— by trading crypto. He ended up losing over £250,000 to fake investments by online scammers. The loss was so traumatic, Joseph collapsed while on one phone call with the crypto scammers. He had to be taken to the hospital by paramedics.
In June 2021, Ellie Bozmarova, a young Fulbright scholar with a masters degree in creative nonfiction writing, lost tens of thousands of dollars she had deposited with Voyager Digital. She was lured by Voyager’s promises of 9% “annual percentage yield” (APY), FDIC protection, and that the product involved holding USDC, a stablecoin, instead of a crypto with market price volatility. As it turned out, the FDIC insurance was only in the event that Voyager’s partner bank went insolvent. There was no protection for Ellie when Voyager went under due to mismanagement and insolvency.
In May 2022, Jared Ferguson lost $96,000 in his Coinbase account to a phone hack. Cyberthieves used a SIM swap scam to convince Coinbase that they were him when they drained all the money from his account. Although Ferguson is suing the crypto exchange for allegedly ignoring clear signs of fraud, he might not ever get his money back. Coinbase argues its users are responsible for the security of their own emails, passwords, 2FA codes, and devices.
What best practices could have prevented such terrible losses for these crypto scam and hacking victims? Always consult with a professional financial advisor before taking any risks with your disposable income, and be sure to apply these following five safety principles when investing in cryptocurrency and holding any significant sum of your savings as crypto.
“Don’t put all your eggs in one basket.”
Most cryptocurrency scams and crypto hacks can be avoided by following this one simple principle that we’ve all heard since childhood every time you make a move with crypto. That’s why it’s incredible that so many people have been victimized with such astounding losses.
If ever there was a time to be careful and follow this advice, it would be when dealing with money and risk. While investing and working in the crypto industry certainly can be very rewarding, it is certainly also a risky place for your money, markedly riskier than the stock market.
If all your funds are on one platform, and it goes under due to mismanagement, or turns out to be a ponzi scheme, then you lose all your funds. But if you had 5% there and the rest spread out among different crypto platforms you would only lose 5% of your crypto portfolio.
With 5% here, 25% there, 10% here, 5% there, your crypto holdings are spread out and diversified. Keeping a diversified portfolio is a well-known best practice when investing.
Diversifying your crypto portfolio reduces your exposure to all kinds of risks whether they’re cryptocurrency hacks, scams, or insolvencies. Ideally, most financial advisors would agree your crypto portfolio should be one part of a larger, more diversified portfolio that includes other investments like stocks, ETFs, bonds, REITs, and commodities.
Here are three ways to avoid the most common cryptocurrency hacks and scams.
I. Devote small amounts of your capital at a time to anything crypto.
First crawl, then walk, then run.
Keep your eyes wide open and look around at everything in the crypto space carefully until you know what it is and what you expect it to do, starting from crawl, and never quit doing that. Thomas Jefferson once said something to the effect of: The cost of freedom is eternal vigilance.
Place a small amount of money with any crypto, platform, or brokerage at a time, then wait and see what happens. As you build trust and gain experience with different investments and ways to invest in crypto, you can gradually increase your allocations more safely.
There’s no reason to dive in head first with any crypto, financial product, or new fintech company. While coin marketers push a mentally of urgency through fear of missing out, taking your time to invest carefully will pay off better in the long run than making any foolhardy gambits with your precious savings.
Instead of rushing your crypto investing, be sure to research investing opportunities and base your confidence in an investment on what you’ve learned, not on baseless marketing hype or a feeling of excitement in online investing communities.
One way to invest in crypto gradually is through dollar cost averaging. This is a classic investing approach used by investors since long before crypto to minimize exposure to price volatility in assets with higher risk-reward profiles.
II. Spread out your deployments across multiple substitutes and competitors.
Again, it’s safer for your portfolio not to put all your eggs in one basket. If you spread out your allocation across different cryptos, exchanges, custodians, and wallets, then if any one of them turns out to be a scam, gets hacked, or goes out of business all your funds won’t be missing.
You may find it worthwhile to get coordinated with your different platforms and apps, and practice adding and withdrawing funds to and from each account to other crypto accounts you own, and to and from your checking account with your bank.
One way to learn each company, product, and service is by opening multiple accounts to spread your crypto out, and see how each one treats you and what happens. There are tradeoffs with every investment vehicle and platform.
You may want to keep some savings not to touch in a tax advantaged crypto retirement savings account with Fidelity, some in an account with a crypto exchange to do some currency swaps when one of your coins is up a mile and another is having a bad week, and some in a hardware storage wallet for a rainy day fund or to give to your kids when they’re grown.
III. Research and Implement Best Practices for Cybersecurity and to Secure Your Crypto
After taking the above steps to deploy your funds cautiously and diversify your crypto portfolio, it’s still important to learn and follow best practices for password safety and cybersecurity for all your accounts and devices that are connected to your crypto.
Keeping your personal information secure for your non-crypto online accounts is one aspect of securing your crypto. The SIM swap scam in the example given earlier is often carried out by cybercriminals who get victims’ SIM cards from their phone company by imitating them, often using their personal information that the criminals found online or purchased in black markets.
Most connected device users even today do not know how to create strong passwords that are easy for them to remember, but impossibly hard for cyber attackers and password cracking computer programs to guess. You may rest more assured about all your online data security after doing some research on how to create strong, memorable passwords.