My knowledge is really limited at the moment. But Ive begun the process of learning about it.
It started when I saw a video about a Bittrex account which was hacked. I am using 2FA on my Bittrex account. I do not have a static IP with my internet provider, recently Bittrex started giving me a message saying that my IP had changed and that I needed to authenticate it via an email I received, I did a search and found the verification of IP via email to be legitimate however it goes against my instinct of not clicking on links to login.
There are some conflicting reports that it was a fake video but the reality of it happening to any of us got me thinking nonetheless. The outcome is that it looks like his API keys were compromised.
- It is recommended that you have a separate laptop just for trading ie one browser used only for trading and no other activities like browsing.
- Dont install any other software on the laptop especially pirated software.
- Dont browse or download from torrent sites/porn sites on this laptop .
- Do not use any services that remember your passwords, write them down and always enter them manually when logging in.
- Use completely random passwords, nothing obvious like names, dates etc and do not have a common theme in your passwords that you just change up for each different site ie Smith@bittrex_1234 Smith@tradingview_1234 etc
- Bookmark the login page or type the url in directly, do not click on links in emails or from other sites. (This one I have an issue with as Bittrex has recently been sending me emails saying I am logging in from a different IP, I then receive an email saying I need to click on a link to verify even though I have 2FA enabled.)
- Use an up to date antivirus and always update your OS to the latest
- The use of static IP’s and the IP Whitelist (I do not know enough about this process yet)
I do not work in Cyber Security these are just tips I have found online and from watching other videos. I’m in the process of learning more and will update as I gain the knowledge, input from anyone with expertise in the field will be appreciated.
My aim is to make a list of “Golden Rules for keeping you accounts safe” over and above the use of common sense. I foresee many users of the Pub having significant amounts of money on exchanges and I think a lot of us who do not have IT experience could find ourselves becoming easy targets.