Articles in this section

See more

Security Recommendations

Follow
CoinSpot - Security Recommendations banner.png

It is always important to remain vigilant when trading on digital currency exchanges. Today there are plenty of ways in which scammers try to manipulate users, as a cryptocurrency trader, to fall for their schemes and scam users into sending them crypto.

Below are some recommendations to counter these methods and protect users and their account from falling victim to extortion and fraudulent activity.

What is in this article?

 

Protecting yourself from scams

We strongly encourage users to educate themselves on what some common scams are and how to protect yourself from these scams.

Please take the time to read the article and familiarise yourself  on some examples that are currently taking place amongst common social media platforms, messaging apps, emails and various websites to try reach out to you.

 

Split.png

 

Keeping your devices secured

Personal devices are to stay personal! Providing access to your own device is like handing over your personal details. We urge users to stay vigilant against scammers and prevent them from gaining access to personal devices, we provide suggestions below on how to keep safe against this.

  • Do not give another person remote access to your devices under any circumstance.
  • Keep your apps and installed software up to date, ensure this by regularly checking they are updated to the latest versions.
  • Avoid auto-fill when logging into the relevant website.
  • Do not save your login credentials on publicly accessible devices.
  • Do not have your personal ID stored/saved in your email or through any messaging apps.

 

Split.png

 

Securing your email address

As your email address is the main point of contact and a utility to identify you as a user, there can be major security concerns if the email you use for your CoinSpot account is or has been compromised on the internet and is used across multiple websites. Below are some tips to protect your email address.

  • Have a different email address specifically for your CoinSpot account rather than using your work or personal email address.
  • Communication to and from CoinSpot should be treated as sensitive, especially if you have provided personal or account information via email. Consider permanently deleting any correspondence from your email account inbox.
  • Do not store any private documents in your email (e.g. Drivers Licence details, photo of your Passport, etc.) these can be used to steal your identity.
  • Ensure that your email mailbox is secure, enabling App Based 2FA is best for an extra layer of security when logging in.

 

Split.png

 

Social Media Accounts  

With so many social media platforms on the internet, it has been easier than ever to connect with individuals. With this in mind, we provide suggestions in preventing unknown third parties in sending unsolicited messages to your social media accounts. 

  • Your account may have the option to turn on Private mode from the account settings. This will prevent unknown contact reaching out, filtering their messages to a spam inbox.
    • If you use Facebook, use the lock profile feature.
    • If you use Instagram, set your profile to private.
    • If you use X (Formerly Twitter), enable 'Protect your posts'.
  • Use a different first or last name on the account.
  • Avoid repeating passwords across accounts.
  • Disable the ability to be found on search engines.
  • Mark yourself invisible through posts, tags, comments, likes, through friend lists.
  • Do not display, hide your mobile number.

Further information on social media scams can be located within our Help Centre article below:

 

Split.png

 

Managing Passwords & 2FA (Two-Factor Authentication)

Passwords are your first layer of security when logging into your account, they can also be your weakest layer of security if they are a repeated, weak or easy to guess password.

  • Use complex passwords for your email and accounts, you can use a password manager to generate & store your unique password.
  • Never give your 2FA code, username and password or sensitive information to someone on the phone or via email. CoinSpot will never request these details over the phone or via email.
  • Activate App Based 2FA wherever you can (Such as your email address & on your CoinSpot account) - print your recovery codes and store them safely in case you need to install 2FA on another device.

For instructions on how to set up App Based 2FA through the CoinSpot platform, please refer to the articles below:

 

Split.png

 

Securing your Coins

Offline personal wallets are highly regarded when it comes to keeping your coins safe and further protected against hackers. 

  • Store coins and tokens in your own private cold storage device.
  • Do not send coins and tokens to any persons you don't 100% trust. Once sent, the transaction cannot be reversed
  • If you have your own private wallet NEVER give out your seed phrase.
  • Common and most popular brands amongst the community in crypto for cold storage wallets can be Trezor or Ledger.
  • An individual approaching you promising extraordinary returns is likely going to steal your funds. You wouldn't give strangers cash would you?

 

Split.png

 

Geo-Lock Login on your account

Geo-Lock logins restrict logins to Australia only whilst blocking international logins.

We highly recommend our users ENABLE Geo-Lock Logins to prevent attempted unauthorised international logins.

If users are planning on travelling overseas or leaving Australia permanently we would recommend users have this disabled.

Instructions on how to enable Geo-Lock Logins please visit the article here.

 

Split.png

 

Secure Website Browsing

Check the URL 

  • When visiting our website, you will be greeted with the following URL https://www.coinspot.com.au/ 
    This will alter to ‘www.coinspot.com.au’ or 'https://www.coinspot.com.au/login' when logging in on your browser's address search bar for confirmation you are visiting our website.

    • Do note, not all modern browsers will show 'www.' at the front of the URL.

    CS Login - Secure Website SS.png

  • Check if the website uses HTTPS or ‘https://’ and a CS_Card_-_Being_Safe_Online_Padlock.pngpadlock symbol. Do note, not all browsers will display this before the URL, so be sure to check the bar for any buttons that may indicate its a secure website.

    • This will indicate whether you are visiting a secure website, information sent and received from the website will be private. However, always be careful when sharing private information such as personal and financial details.

       

Phishing websites

  • Ensuring the website you are visiting is correct. Occasionally, there may be phishing websites, which replicate a similar domain name and appearance of the legitimate website.
    • Ensure you have a strong anti-virus, anti-phishing software, browser adblockers and firewall protection enabled.

If you are ever unsure whether you are logging through the legitimate CoinSpot Website, enable Anti-Phishing Phrase.

Anti-Phishing phrase will display your unique phrase on the 2FA confirmation page when logging in, if it is missing, then you are not logging in through the legitimate CoinSpot Website.

 

Split.png

 

Other security features

At CoinSpot we offer users a variety of other security features, below are the features we also recommend our users to enable.

checked.png How to enable Phone Verification Phrase

checked.png How to enable Anti-Phishing Phrase

checked.png How to disable SMS 2FA

 

Need more help? 

Please submit your request via Zendesk - https://coinspot.zendesk.com/hc/en-us/requests/new 

or start a conversation with us via Live Chat and our team will provide full instructions and advice.

Related articles

Comments

0 comments

Please sign in to leave a comment.