Trading Cryptocurrencies is Dangerous - How To Protect Yourself and Your Money
What dangers prey upon you before you even open your first trade? Third-party risk, hacks, security, and privacy.
There is risk in every corner of this market, but none so dangerous as the one between your ears!
In this article, I would like to do a quick overview of some of the greatest risks you are facing when trading in the cryptocurrency markets. I can, of course, never really cover them all for two simple reasons:
I don’t know everything (obviously).
There is so much “innovation” in this space that just being up to date with “what’s new this season” is almost impossible, much less being aware of all the new ways one can lose his money or worse.
I know, I know, why so negative?
“Why all the talk about risk? About losing money? You’re such a downer. Just because some shit happened to those other guys, it doesn’t mean it’s going to happen to us. We want to hear how to get rich! We want to know how to trade! We want to be wealthy yesterday, not in a year or worse, dude! We want to quit this stupid job, lay down our work uniforms and sail off into the sunset with a few horny models and live out our dreams!”
And I get it, I do. However, in order to someday hit it big, for all the stars to align for you, you have to learn to survive first. You can find the most abundant gold wain going on for hundreds of miles underground, but it will do you no good if you don’t wear a helmet and the first falling stone in the mine kills you, or the tunnel collapses on your head.
Unfortunately, I speak from experience. I’ve lived through my set of setbacks, adding years to my journey, and I am an extremely careful guy. I’ve managed to identify and avoid the majority of traps upfront. Some of my fellow traders and explorers of this particular space have had absolute fortunes made and lost in one way or another, and I fear those are losses they'll never recover from.
Not because of money lost, that’s the least damaging part (money can always be replaced), but because of the mental and emotional damage those losses have incurred. These are harder to get up from.
First, let’s talk about your setup.
Forget about having four monitors and a Bloomberg terminal without first taking care of the basics, and the basics of managing your money start with security.
How is your internet and computer setup?
Is it secure? I’m talking about routers, WI-FI, and so on. Lock them up with passwords. Ideally, you would use a separate, clean computer for trading and accessing your online accounts. One where you don’t download stuff, play games, or browse the “hint hint” web pages.
Preferably you would avoid the Windows ecosystem, as it is the most popular one and littered with potential dangers. Linux or Mac OS are the better choices.
Use good antivirus and firewall software, and at least lock the user account on your computer. You could go even further and encrypt your hard drive, but this will be an overkill for most of you.
Use strong, unique passwords for all of your accounts, and that doesn’t mean just the exchange accounts. Those are usually connected to your email accounts. Use unique email accounts for each exchange account and protect them. And absolutely use secondary login options (Google 2FA or other) for all the connected accounts. Those that require you to touch a physical device are more secure, but a 2FA phone will do the trick as well. Ideally, use a separate phone. Any old Android smartphone will do. If it’s disconnected from the internet and mobile data and protected by a password, you’ve done a lot already.
Backup.
Don’t forget to backup all the passwords and 2FA, wallet, and access information. Preferably do it on paper, far away from your computer, and store it separately in at least two different locations. In case of some ultimate damage, like a fire or something. Better to be safe than sorry.
You might also want to think of the worst-case scenario in which you cease to exist. Will your loved ones have access to your funds, and will they know where to find your backups? Will they know how to use them? When using banks, things are simple in this regard, but in the world of crypto and self-banking, we must take some additional precautions.
It is estimated that about 20% of all Bitcoin that will ever exist (21 million) has been lost in one way or another. We’re not exactly good at being our own bank, that’s for certain.
Make sure there are no unencrypted traces of this backup data on your computers or phones. If a hacker gets hold of those, you’re done for. You could also separate the backup or wallet information into three parts and store them in three separate locations, making sure that getting access to one will do no one any good. Again, with a 1,000 USD account, you needn’t go overboard, and with a 100 million account, you need more information and help than I can provide. The rest are in the middle somewhere.
Privacy and anonymity.
If you can, completely separate your social media presence and accounts from your trading accounts, making sure there is no connection either in name, login information, or basis (email, phone, identity). Needless to say, don’t show your wealth or brag about your trading and portfolio to people on the internet. That’s just asking for trouble. There is little to no upside to showing off your identity and wealth on the web and a million potential dangers. Resist that particular urge with all your strength!
There have been quite a few cases lately where people who have been known as crypto traders ended up getting robbed, tortured, and killed for their money. Don’t put yourself in harm's way for no good reason. Don’t go around telling people you’re rich in crypto, including wearing exchange/coin swag on your person, unless you want this information finding its way to the wrong set of ears. Ones with bad intentions.
Think about your privacy when accessing your money on the internet. You can use the Brave browser (or some other privacy-focused browser), control your privacy on your phone as much as you can (to hell with convenience - safety first), and use VPN services or Tor network.
The rest is classic, timeless advice in internet security:
Don’t be a naive idiot.
Don’t open attachments from unknown people.
Don’t download suspicious shit.
Don’t open weird emails.
Don’t ever give anyone your personal or account information unless you can verify that they are who they say they are (exchange verification and so on).
In an ideal world, you don’t even do that, but governments are making that harder and harder to do these days. I know, “but bad guys and money laundering, bla bla.” Look, the simple fact is your private information is going to get leaked sooner or later, and that is a problematic affair. Do what you can to minimize your exposure to potential danger as much as you can.
If something sounds too good to be true, it probably is.
No, you didn’t get contacted by the last prince of Nigeria, who desperately needs your help in getting his insane fortune out of the country.
And no, if you send some random dude on the internet 1 ETH, ain’t nobody gonna send you 10 ETH back!
Don’t be an idiot! Just ignore these obvious scams, please. With the advancements in AI and deep fakes, for instance, recognizing scams and fakes will become harder and harder as we go on, but the principle above will remain true forever.
Nobody falls for that shit anymore, right? Wrong.
Specific to the space of cryptocurrencies, you can take the custodial route or self-sovereignty route.
Each has its perks and downsides. Of course, my advice is to go the route of “your key, your Bitcoin,” but that’s more aimed at holding or investing, not so much trading. You can take this pretty far and actually be your own bank, as advertised, setting up your non-custodial wallets, trading in the decentralized markets, setting up your own nodes, and so on, as it was intended from the start.
Here’s a comparison of multiple cold wallets:
The problem with that idea is that for most of us, this is too much. We lack sufficient knowledge, we’re not IT professionals, and more importantly, we’re not really aware of all the dangers or used to be really careful in the world of zeros and ones (computers, internet, apps).
So unless you are savvy in the IT world, I would say just stick to a big, safe (as can be), verified custodial provider, be it a wallet provider or an exchange. Avoid the small, unverified ones. Protect the accounts like we talked about, and you’ve done a lot.
Here we come to the next big risk factor - the third-party risk.
What is this “third party risk,” you may be asking? It’s all the risks associated with using third-party applications, exchanges, wallets, and so on.
With crypto in particular, when you hold some Bitcoin, for example, on your chosen exchange, you need to realize that in the worst-case scenario, these aren’t really your coins. They belong to exchanges.
If something goes wrong, you will lose everything!
They may close up withdrawals, confiscate your money, go into liquidations, or straight up close shop due to a hack or some other reason. Many have simply been closed by the owners, all the assets taken from customers, “and that's all she wrote.”
If the exchange is a legal entity (not some made-up address in Narnia, for example) in the right country, you may then have some legal options and hopes of getting some of your funds back. In any other case, and there have been many, tough luck, unregulated markets, you’ve just been scammed sort of thing.
Not convinced? Take a look at this sobering post.
So how does one mitigate this risk?
First, by only trading or interacting with the biggest, safest, most well-established exchanges and wallet providers out there and be ever watchful for signs of trouble in their midst.
Many of the biggest ones have had troubles in the past, but most are now capitalized enough to solve their shit without flipping you the bill. But there are still exceptions, whose immense wealth means nothing if they’re run by furry pricks, have zero oversights or accounting, and no fucking conscience! I’m talking about FTX, of course.
Split your portfolio between a few of the biggest exchanges, just in case.
If you hold a substantial (whatever that means for you) amount of money on an exchange, I would advise never to hold more than ⅓ of your portfolio on any single exchange. Split your money up among at least three exchanges.
That way, if one goes down (worst-case scenario), you’ve managed to keep most of your capital intact. You can then use an API-driven trading application, like Coinigy, for example, and access all of your accounts from one application, making it easier to manage them all.
There are enough big exchanges these days, with enough options and choices for most of us, so there is no need to take the stupid risk of trading in some no-name obscure Russian exchange. The same goes for interacting with all these new experimental DE-FI exchanges (they’re all experimental). While I support the idea, the execution simply isn’t there yet, from either the security or user-friendliness point of view.
Here’s a post that sums up just the DE-FI hacks of 2022 and another including all sorts of hacks.
Play around, be on the bleeding edge of innovation, just do it with small amounts of money so that if you get cut, you won’t bleed to death.
Because the chances of something going wrong there are quite significant, as has been shown over and over again. Test the waters, so to speak, and learn the rules of the game before committing any money.
As for holding your crypto for a longer period of time, I still think a properly set up self-custodial solution is the best, a hardware wallet. But do it right, or don’t do it at all. So much money has been lost over the past few years from trivial mistakes, things like lost passwords and backup phrases, failed disks without backup, lost computers or phones, and so on.
There is no need to have your whole portfolio on an exchange unless it’s small enough and you trade it all. This comes down to personal preference, holding/investing vs. trading. Spot vs. margin and so on.
Use leverage as a risk management tool.
Speaking of margin, that’s exactly what it’s for - using leverage so that you don’t need to have all of your money stored in an exchange, thereby capping the ultimate worst-case risk to only the amount you use for margin.
Ideally, no more than 10-30% of your portfolio. What that means is that you can still trade with the amount of the whole portfolio while only being exposed to risk (any and all) with a small percentage of it. With a larger portfolio that will help you sleep at night.
What would that look like in practice?
Let’s assume you have 100,000 USD allocated for trading. If you trade on an exchange where you can use leverage, you can then only send, let’s say, 30,000 USD to them and use it as a margin. That is now your maximum exposed risk, no matter what.
Combined with a 3x leverage, you can now take roughly the same size positions as you could if you had your whole trading portfolio on the exchange without exposing all of your money to unnecessary risk. Limited downside and unlimited upside.
Having said that, trading using leverage entails some pretty serious risks and additional expenses all on its own, so if you don’t know what you’re doing, you should probably avoid it. Your best course of action, then, is simply to scale down and trade with smaller positions.
This covers the basics, but there is a lot to unpack here. Take your time, read on these individual matters, and execute your chosen precautions. As I’ve said before, there are levels to this, and the more you read and learn, the more you realize that you know nothing and are simply not prepared. Remember, there are monsters in the dark (of the web). But don’t be alarmed, and at least cover the basics:
A clean computer, antivirus, and firewall protected.
Strong passwords on everything.
2FA on all of your accounts.
Unique emails for each exchange.
Utilize privacy and anonymity when exposed to the internet.
Good backups in multiple places.
Only use verified, safe exchanges and
Spread your portfolio across different exchanges and wallets.
You’ve now covered 90% of what you can control on this matter.
In the next installment of this series, we’ll be looking at market and trading-related risks. That’s where the fun begins.
Sharing is caring, especially in the online digital world.