How To Protect Your Crypto From Theft and Hacks
In a single week in November 2022, FTX went from being one of the world’s biggest and most trusted exchanges to a cautionary tale about the risk of crypto theft and loss. Its founder, Sam Bankman-Fried, was an industry rock star — now he’s facing more than a century in prison.
FTX customers could lose $8 billion in assets, and while the exchange’s implosion was the most infamous episode since the Mt. Gox hack of 2014, it certainly won’t be the last.
Steps To Protect Your Crypto
The good news is that you can take steps that would have protected you had you used the FTX exchange. Here’s what you need to know about protecting yourself from crypto theft, fraud and losses.
1. Choose a Wallet With Security in Mind
You can’t invest in crypto until you have a digital wallet — and not all wallets are created equal. If you chose whatever wallet your exchange offered when you bought your first coins, it’s time to upgrade to something that can offer a little more peace of mind. If you’re still in the planning phases, here’s what you need to know about the different kinds of wallets before you start trading.
Hardware Wallets Are the Most Secure
As the name implies, hardware wallets are physical devices that you connect to your computer only when necessary. The rest of the time, your wallet — and therefore your assets — are held safely offline in what’s known as cold storage. They are not connected to the internet and are beyond the reach of hackers, thieves, viruses and malware.
They’re more complex and more expensive than the other options — top picks include the NGRAVE Zero ($398), Ledger Nano X ($149) and Trezor Model T ($219) — but when used correctly, they’re essentially impregnable.
Hardware wallets have mostly replaced old-school paper wallets, which were the most secure cold storage available in the early 2010s — but some traditionalists still use them.
A Software Wallet Is Good — Especially if It’s Non-Custodial
Software wallets are a type of hot storage — they’re connected to the internet and therefore not as safe as hardware wallets. No matter how many steps the wallet provider takes to encrypt and fortify its software, your wallet is only as secure as the device you use to access it.
They’re simple to set up and use — just download them like any other software application — and often free to use. Many software wallets are custodial, which means you have to trust your private keys to a third party. If you decide to go with a software wallet, choose a non-custodial option that gives you sole custody of your private keys. MetaMask and Trust Wallet are among the most popular non-custodial software wallets.
Don’t Keep Your Assets on a Centralized Exchange
Most centralized exchanges offer their own wallets as an easy, free and convenient feature that allows their users to store their keys in the same place they buy their coins.
Some centralized exchanges, like Coinbase, offer more secure decentralized wallets — but even the safest exchange wallets live on exchanges, not on your device like a software wallet. Exchanges are rich targets for hackers, and as the FTX debacle proves, even the biggest exchanges can be brought down from within before an online criminal ever gets the opportunity to attack.
2. Choose a Safe and Secure Exchange
Most crypto transactions take place on digital exchanges, which you access through a web browser or mobile app — and as the world learned during the FTX implosion, your choice of exchange matters.
Pick an exchange based on the resources they put into repelling attackers, preventing breaches and keeping your assets safe. Look for features like:
- Default two-factor authentication
- Robust anti-phishing measures
- Biometric login
- Bounty programs that incentivize ethical hackers to spot and report vulnerabilities
Coinbase is America’s largest and only publicly traded exchange, which means it undergoes intense scrutiny from federal regulators that the others do not. Other exchanges that are known for strong security are Gemini and Kraken.
3. Study, Learn and Follow Crypto Best Practices
Wallets don’t actually store cryptocurrency. They generate private keys that grant you access to your holdings where they live on the blockchain.
Your 12- to-24-word secret recovery phrase, or seed phrase, is the key to your wallet and private keys. It’s your responsibility to manage and secure them according to standard crypto best practices:
- Write down your recovery phrase and never reveal it to anyone.
- Consider writing down the 12, 18 or 24 words on different pieces of paper and hiding them in different places.
- Use strong, hard-to-guess passwords.
- Use a password manager like Bitwarden.
- Don’t reuse the same password across multiple sites.
- Never store a password in a browser.
- Enable two-factor authentication even if your exchange doesn’t require it or turn it on by default.
- Don’t connect to an exchange or software wallet using public Wi-Fi.
- Don’t keep your assets on an exchange for any longer than necessary. Exchanges are exactly that — places to exchange money for tokens or tokens for other tokens. When the exchange is finished, so is your time there.
4. Learn How Crypto Criminals Operate
Now that you’re following best practices and using a safe exchange and a secure wallet, take the time to study the criminals who want to steal every token you’ve ever owned.
What Is Crypto Theft?
Criminals can steal crypto directly by breaching exchanges, software wallets or the devices used to access software wallets. Crypto theft also happens indirectly through phishing scams, investment scams and romance scams.
Can You Recover Stolen Crypto?
Blockchain transactions are designed to be irreversible and most victims have little recourse. FTX victims recently got some good news when authorities in the Bahamas recovered $3.5 billion in the former exchange’s missing crypto, but that’s an outlier.
How Much Crypto Is Stolen Every Day?
No official tally tracks daily losses, but the crypto crime industry is massive. In 2021, thieves stole a record $14 billion in digital assets. According to Cointelegraph, 2022 thefts had doubled from the year before by Nov. 1 — before the FTX implosion.
Can You Get Your Money Back if You Get Scammed on Crypto?
Firms like DPS Cyber Security have a record of recovering millions in stolen crypto assets, but it’s a drop in the bucket. Lost coins rarely find their way home — when it comes to crypto theft, prevention is the best medicine.
Never Stop Learning
Crypto criminals are learning new tricks and employing new tactics every day. Stay up to date with the latest crypto scams, threats and safety protocols by regularly checking in with the FTC and other watchdog groups.
Information is accurate as of Jan. 6, 2023.
Our in-house research team and on-site financial experts work together to create content that’s accurate, impartial, and up to date. We fact-check every single statistic, quote and fact using trusted primary resources to make sure the information we provide is correct. You can learn more about GOBankingRates’ processes and standards in our editorial policy.
- Cryptopedia. 2022. "What Is a Paper Wallet?"
- CryptoPotato. 2022. "7 Best Non-Custodial Crypto Wallets: The Complete List."
- Sensorium. 2022. "How To Choose a Crypto Exchange: A Selection Guide."
- CryptoVantage. 2022. "The Top 5 Safest Cryptocurrency Exchanges."
- Exodus. "Everything you need to know about your 12-word secret recovery phrase."
- BitPay. 2022. "Crypto Security Tips: How to Keep Your Cryptocurrency Safe."
- The Conversation. 2022. "Crypto theft is on the rise. Here’s how the crimes are committed, and how you can protect yourself."
- The Wall Street Journal. 2022. "Bahamas Regulator Says It Seized $3.5 Billion in FTX Crypto Assets."
- CNBC. 2022. "Crypto scammers took a record $14 billion in 2021."
- Cointelegraph. 2022. "Scary stats: $3B stolen in 2022 as of ‘Hacktober,’ doubling 2021."
- Yahoo. 2022. "Millions Recovered in Stolen Crypto for Clients by DPS Cyber Security Crypto Recovery Firm."
- U.S. Federal Trade Commission. "What To Know About Cryptocurrency and Scams."
- Time. 2022. "Where Did FTX's Missing $8 Billion Go? Crypto Investigators Offer New Clues."