Cybersecurity for Cryptocurrency

Note: The information in this newsletter is for informational and educational purposes only and should not be considered financial advice or an endorsement. Please consult with a qualified professional to determine what may be best for your individual needs.

Nearly two decades after the launch of digital cash, cryptocurrency has grown into an alternative digital financial system, with many different forms now available. Cryptocurrency (crypto) is a fully digital payment type that relies on cryptography to secure transactions and operates on decentralized networks rather than through banks or governments. Transactions are recorded in a public, permanent digital ledger known as a blockchain, which allows users to send and receive funds directly without intermediaries.

While this payment type enables flexibility, the crypto market is lightly regulated and carries increased risk. Market volatility, cyberthreats and scams are common. Although crypto exists digitally, the money used to purchase it is real, and funds can be permanently lost if the accounts are compromised.

As the digital currency landscape continues to evolve, being informed about emerging security threats is one of the most effective ways to protect crypto funds and personal data. Proactive measures, such as the easy steps below, are the best way to keep your investment secure.

• Use strong, secure passwords for all digital transactions. A good password should be at least 12 characters and have a mix of letters, numbers and symbols. Passphrases can be used and typically are easier to remember than traditional passwords. Change your passwords regularly, never reuse passwords across platforms, and never share passwords!
• Enable multifactor authentication (MFA) on all financial applications. MFA adds an extra layer of security by requiring a secondary verification step, such as an SMS (text message) code sent to your phone or email before withdrawals or account changes can be completed. This helps to prevent unauthorized access even if a password is compromised.
• Only use secure internet connections. Only conduct online financial transactions like banking or shopping on secure, private connections. Home networks that are secured with up-to-date software, antivirus and firewalls; protected with strong passwords; and have encryption enabled are a much safer option than public Wi-Fi.
• Think before you click. Cybercriminals often use phishing emails or messages to trick you into providing access to your crypto accounts. Be wary of addresses that appear slightly altered or suspicious, messages that contain spelling and grammar mistakes, or unexpected links or attachments added to the message. These messages are becoming increasingly hard to recognize due to generative artificial intelligence, so take your time and use extra caution. Always navigate directly to official websites rather than clicking on embedded links.
• Monitor your crypto accounts regularly. Frequently reviewing your crypto accounts allows you to quickly identify unauthorized transactions. Early detection and reporting fraudulent activity in a timely manner can help limit losses.
• Use a verified crypto wallet to manage private keys. Software crypto wallets are internet-connected applications for desktops or mobile devices, offering easy access for trading. Hardware crypto wallets are physical devices, like a USB flash drive, which securely store your crypto’s private keys offline. These devices offer strong protection against malware and hacking. Hardware wallets are widely considered one of the safest options for long-term storage of digital assets.
• Scrutinize website addresses and apps/wallets. Only download a wallet from a trusted developer’s official website. Use caution when searching and downloading wallets – app stores have been known to unintentionally display fake wallets near the top of search results.
• Avoid keeping all crypto on publicly accessible exchanges. Crypto exchanges often hold large amounts of digital assets, making them attractive targets for criminals. Regularly transferring funds to a personal crypto wallet reduces the risk of loss from exchange breaches or account compromises.
• Back up seed words properly. When setting up a wallet, you will receive a set of seed words, also called a “secret recovery phase” or a “master key.” These words provide full access to your wallet and all associated accounts. Keep your seed words private and stored offline in a safe place.       
• Back up all crypto-related data. Maintain secure backups of wallet information, recovery phrases and relevant account details. This ensures continued access in the event of device failure, loss or theft.
• Consider using a dedicated device for crypto. Using a separate computer or mobile device solely for crypto transactions can reduce exposure to malware and other security risks associated with everyday browsing and downloads.
• Secure Storage: The 80-10-10 Rule A common recommendation on how to store your assets safely is the "80-10-10 rule," which balances security and accessibility. Store 80% of long-term holdings offline in a hardware wallet. Buy directly from the manufacturer to avoid tampering. Keep a small amount (10%) in a mobile or software wallet for everyday use. Hold only what you need for active trading or quick access (10%) in exchanges. Funds on exchanges can be lost if the platform fails.

Understanding both the benefits and risks of crypto is essential to anyone interested in this alternative currency. While digital currencies offer greater autonomy and innovation, they also require individuals to take a more active role in securing their assets. Unlike traditional banking systems, there are often no safeguards or recovery options when funds are lost due to fraud or other criminal activity. By adopting strong cybersecurity practices and remaining vigilant, investors can significantly reduce their risk and better protect their financial investments in the digital economy.

Cyber Habit of the Month: Clean Out Your Computer

Regularly cleaning out your computer by deleting unused programs, removing old files, updating software and running security scans helps improve performance and reduces vulnerabilities.  Any outdated software, unnecessary applications and cluttered systems can create security gaps that make it easier for malware or unauthorized access to occur. Taking time to clean out and update your computer not only keeps it running efficiently but also plays a key role in protecting your personal and financial information.

February 9th is National Clean Out Your Computer Day. Establishing a routine for computer maintenance makes year-round security easier. Start by scheduling a monthly reminder on your calendar to review files, uninstall unused programs and check for system and/or software updates. Incorporate these new organizational tasks into existing habits so they become standard practice rather than an afterthought. Enable automatic updates and security scans whenever possible to reduce the manual effort. Use February 9th each year as an annual checkpoint to do a deeper review and reset good digital hygiene habits. For detailed strategies on organizing your digital and physical workspaces, check out our newsletter from this past spring!

Additional Resources

• National Cybersecurity Alliance: Security and Privacy Tips for Cryptocurrency Holders
• CISA Defending Against Illicit Cryptocurrency Mining Activity
• FTC What To Know About Cryptocurrency and Scams
• Security.org 2026 Guide: Everything You Should Know to Invest in Crypto Safely