A Beginner's Guide to Protecting your NFTs and Other Digital Assets

Written by barthillerich | Published 2022/01/02
Tech Story Tags: nfts | metaverse | nft-gaming | decentralized-finance | crypto-wallet | cyber-security | nft-top-story | nft-security-best-practices | web-monetization

TLDRIn order to secure your assets, using burner wallets, hardware wallets, and the other tactics that I discuss are great places to start.via the TL;DR App

Scams are an unfortunate reality of the crypto space today. Maintaining personal security and using sound judgment should be prioritized by everyone involved with crypto.

Crypto Security Must be a Top Priority

It’s not uncommon to hear about someone losing all the funds in their wallet, having valuable NFTs stolen, etc. With crypto taking out the banking middlemen of financial transactions and being absent of investor protections like the FDIC, it’s up to each individual to maintain custody of their portfolio of digital assets.

Security needs to be a top priority for everyone. In order to shed some light on the topic, I’m going to go over some of the best ways to maintain security and protect your digital assets. As a quick disclaimer, these are views based on the current status of the crypto space; none of these ideas are absolute guarantees of safety.

In the future, these solutions may no longer provide the same security as new methods of attack develop. Let’s spread the message of how to enjoy crypto safely and continue to do better together as an overall community.

Use Burner Wallets

Oftentimes I see people scammed when they attempt to mint NFTs by connecting their wallets to a scam project’s malicious website. Once connected, the website funnels the user’s assets out of their wallets. Using a “burner wallet” is a great method to prevent this.

A burner wallet is a wallet that you would create just like any other. This wallet, however, would be one that contains nothing in it aside from a small sum of money (I recommend anywhere from $10 to $20) or the funds you need to mint an NFT.

You can use this wallet to test connections to websites, receive giveaways and other assets from opposing parties, and mint NFTs. The $10-$20 comes into play when you actually connect your wallet to any kind of website.

Using the burner wallet, you can test whether or not the site is going to steal your assets. If it does, you’re only losing $20 (or the funds inside that you intended to use for minting) instead of everything you own.

Don’t hold valuable assets in mobile wallets

It is good practice to not hold too much cash in your physical wallet. There are victims of theft every single day; we all know this. What about your mobile digital wallets? You don’t want to hold anything that you can’t afford to lose in them either.

If your phone is stolen, or worse, you are forced to transfer the contents of your wallet to a criminal (a situation I believe we will start seeing more often with further crypto adoption), you could lose everything. Be very careful about the assets you maintain access to on your mobile devices, they are not as secure as you may think.

Spread your crypto-assets across multiple wallets

Spreading out your assets is a wise thing to do. If I had, for example, five Bored Apes, keeping them all in the same wallet would be extremely risky. If that wallet were to be compromised, all five would be lost.

In spreading the Apes out across multiple wallets, I would be able to ensure that I wouldn’t lose everything because of one bad situation I’ve put myself into. Your high-value assets should be spread out in hard wallets that you don’t interact with.

This applies to all NFTs, whether on ETH like Bored Ape, on Solana like Trippy Bunny, or any other chain you interact with.

Use Hardware Wallets

Hard wallets are a great tool to protect your assets, and despite what you may assume, they are cheap (under $100) and easy to use. Ledger and Trezor are two of the most popular choices that people typically opt for; these will protect you from the most remote attack vectors.

The point of hard wallets is keeping your seed phrase safe. It never leaves the device, but you’ll need to write it down for your records. Keep your seed in a secure location. A question you want to ask yourself is:

“Are my assets safe if my living space catches fire, floods, or is destroyed in any other way?”

Keeping one copy of your seed phrase in a resilient safe at home, while keeping a second copy in a safety deposit box, is a solid strategy to start.

Make sure that, if something were to happen to you, your spouse (or whoever you would want to pass your assets on to) is able to access your information. If you don’t feel comfortable sharing that information with someone close today, leave it in your will for them to find. With your hardware wallet, the most important rule is to never enter your seed phrase into any device that is connected to the internet.

Don’t take a picture of it, don’t save it on the cloud, and don’t upload it to the internet.

Disconnect from Connected Sites

There are a variety of reasons that you will connect your wallet to websites. As explained previously, you’ll want to make use of your burner wallet in order to go about this in a safe manner by initially testing sites you wish to connect to. What about once you are no longer actively using the site?

Let’s take OpenSea for example. You’ve just spent an hour browsing the site buying some NFTs and viewing your portfolio. You’ve had your fill and now it’s time to close out the website.

Many people don’t take the next step, but it’s key in maintaining your security.

You’ll want to disconnect from OpenSea and revoke all permissions through your wallet. If you’re using Metamask, here is a link that describes how to go about the quick-and-easy process.

Once you’ve disconnected from any sites you’ve been using, you’ll want to make sure you lock your wallet before leaving your computer. Closing the window does not do this, you must press the lock button. I recommend checking what sites you are connected to at the end of each day.

Stay Vigilant Against OpenSea, Twitter, and Discord Scammers

The crypto and NFT industry practically lives on OpenSea, Twitter, and Discord. As such, they are where most scammers operate; the predators naturally migrate to where the most prey is. Here are a few helpful tips for staying safe while on those sites.

Disable Discord DMs

Almost every DM you will receive on Discord is a scam. Someone may be inviting you to join another project’s Discord, they may claim you won a contest, or they may be impersonating a project or project team member. In many cases, the person sending you the DM is calling you to take action by clicking a link.

Never click on links sent to you and always cross-verify information. As an example, many people have been scammed by malicious DMs claiming to be an NFT project team. The message, for example, might contain a link that says you’ve gained access to a whitelist spot for a new mint.

In that scenario, you would want to go to the official project Discord, check the announcements to see if there is a new mint (and then use the link that the team provided on the official server), contact a moderator, and ask other community members. In order to stop receiving malicious and unsolicited messages altogether (highly recommended), you can disable them in your Discord settings.

NEVER trust links

This goes for Discord, Twitter, and any other site that you interact with (even your email). You shouldn’t ever trust links sent from someone that you don’t personally know and trust.

Many scammers approach people under the guise that they are attempting to help solve a problem for them. Take these tweets as an example and don’t ever click on links like them:

Don’t interact with hidden NFTs on OpenSea

Scammers will send you NFTs that appear to be harmless; however, interacting with these could result in a loss of your digital assets.

These malicious NFTs should appear in the hidden section of your OpenSea account. Do not interact with them in any way unless you know with 100% certainty that it was sent to you from a reputable and verified project.

Spread the Message

I was inspired by a number of people in the crypto community to write this article. At the end of the day, digital security is 100% on each individual. As a community, we all need to continue to spread advice and help inform newcomers about digital security.

I hope this article has achieved that for some of you reading. If you’re up to it, share this article on your social media; the more people we can help and inform, the safer crypto will become overall and the further adoption will spread. It’s up to us to promote safe usage.

Tip Jar

Enjoy the article? Consider leaving a tip to support my efforts. All donations are greatly appreciated!

  • Coinbase (BTC): 0x9543128838F74bF6e95b7e056D288bc190236C2D
  • Metamask (ETH): 0x22B4E04c13EEBD21e2D35c4001B8B8fFFF17DD3a
  • Phantom (SOL): AXmyuktns4ehTWAuJbMDwavHAufbRpkQB3aoeJ7yE8iP

Disclaimer: This article is written purely for entertainment and educational purposes and should not be taken as financial advice in any way. Do your own research and, if you are seeking financial advice, find a professional who is right for you.

Featured Image: The Angel by @Jonychoren https://objkt.com/asset/hicetnunc/215678

Written by barthillerich | Wandering the Metaverse...
Published by HackerNoon on 2022/01/02
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy