Keeping your cryptocurrency experience safe and secure is extremely important to us here at Bitbuy. Cryptocurrency is a powerful and unique asset and currency, but because of crypto’s unique properties, you need to be extremely careful to avoid scams and phishing attempts. We take security extremely seriously here at Bitbuy, but we need your help in order to make Bitbuy Canada’s safest cryptocurrency platform.
Here are 10 tips to keep you safe on Bitbuy, and elsewhere.
1) Consider switching from text to Google Authenticator 2FA
2FA is a mandatory security feature used by Bitbuy. We offer two options for 2FA, text message (default) and Google Authenticator. 2FA is required for all transactions on the app and online. We recommend that users switch to Google Authenticator after they have a verified account. While text 2FA may be more convenient, it is more susceptible to hacking attempts via SIM swapping or other social engineering methods.
2) Never use a VOIP number for 2FA
VOIP phone numbers, or Voice Over Internet Protocol, are internet based phone number services that can accept text messages. Although these are usually banned by cryptocurrency exchanges, you may be able to still use one if it’s not properly identified. Using one of these for 2FA is a very bad idea, as these numbers can often be accessed by multiple individuals. If multiple people can access them, that means multiple people can get into your account or re-set your password.
3) Never give anyone access to your computer, your password or your 2FA info.
A Bitbuy employee will never ask for your password or 2FA information. If they do, it’s possible that this individual is impersonating an employee in order to attempt to steal your account. If someone asks for your Bitbuy password, immediately report it to Bitbuy support for investigation. Also, if someone you are working with wants access to your computer, this is a major red flag.
4) Only seek and trust support from [email protected] (Zendesk ticket system)
Bitbuy staff will not provide account specific support over social media, chat platform, or direct email. The only channels where they will discuss account details will be the Zendesk Ticket system (emails to and from [email protected]) Do not trust emails or phone calls from other sources.
5) Stay off public WiFi networks when accessing your crypto related accounts
We all love free public WiFi, but these networks are definitely more susceptible to attacks. If you are on your phone, switch off WiFi when transacting crypto online for maximum security.
6) Withdraw to your own wallet, ideally a cold wallet
Bitbuy makes security a top priority and has taken extensive steps to ensure all coins are kept in the safest way possible. We have a 95% cold storage policy, meaning at all times, only 5% of our total coin holdings are available in our hot wallets. We also have insurance on BTC assets through Knox. Even with these extensive practices in place, we encourage users to withdraw their digital currency to their own wallets if they plan to hold them for a long time. It is considered a best practice for any long term digital currency holder, and we encourage you to do so. We suggest buying a Ledger product for maximum security. If you do use a hot (web-based) wallet, make sure you research them extensively before signing up. We suggest Jaxx, or Blockchain for hot wallets. Be sure to read our full guide on managing a cold storage wallet with Bitbuy.
7) Research any service you send cryptocurrency to
You may be only using cryptocurrency in order to make an online payment. Cryptocurrency is of course, just that, a useable p2p currency that can be used to make purchases. You need to remember that unlike a credit card payment, cryptocurrency payments and transactions are irreversible.
If you are sending cryptocurrency to a service to purchase goods, services, or something else, make sure you do extensive research on the service. Look for online reviews, scam reports, or any available information on the legitimacy of the business.
There are plenty of investment services available that will accept cryptocurrency as a funding method. These services will promise high yield payouts, or unsustainable returns on investment. These are often nothing more than Ponzi schemes, and they capitalize on the fact that cryptocurrency payments are irreversible. Bitbuy will not process withdrawals to many of these services.
Other common scams are shipping scams, where a shipping company requests crypto payment in order to release a package, romance scams, where a bad actor pretends to be someone they are not in order to entice a cryptocurrency payment, or crypto mining related scams.
8) Double check your URL bar every time you sign in
Hackers can attempt to clone the landing page of a site, that looks and feels exaclty like your exchange or service you are used to using. Check your browser address bar to make sure the https:// is visible, the URL matches (eg bitbuy.ca), and that the SSL certificate is present. If any of these are missing, do not fill out any information on this page as it could be a ‘cloned’ page used for a phishing attack.
9) Create complex and unique passwords, update them regularly
Creating a complex and unique password can help protect your crypto assets on Bitbuy and elsewhere. Check out Bitbuy’s tips on creating the best password here. You should also consider making a unique password for each service. This is best practice, so if one set of your user credentials is compromised, a hacker can’t use the same login and password to access your accounts on other services.
10) Be Weary Of Crypto Giveaways
The rules of traditional business applies to crypto as well: If it sounds too good to be true, it probably is. A common cryptocurrency related scam is a giveaway, often run on a social network such as Twitter. The scam will say if you send them a small amount of crypto, they will send back a multiplied or larger amount as part of a giveaway.
For more information on keeping your account safe, check out the Bitbuy support centre.