How investors can trade cryptocurrency and NFTs safely


Whenever cryptocurrencies and NFTs make mainstream headlines, it’s usually for one of two reasons: someone made millions off of them or lost millions off of them.

Many have compared the crypto space to the Wild West. It is in a gray area where the laws are still trying to unravel. After all, there is an incredible amount of volatility and a surprising lack of safety nets.

That said, there are still precautions investors can (and should) take when trying to get into this space. The term ‘do your own research’ (DYOR) can often be seen floating around in crypto communities. This is what that implies.

Be aware of common scams

New investors are often attracted to cryptocurrencies with the promise of making quick money. They don’t research projects and seem to believe that every meme coin is destined for the moon.

This is far from reality. A report by blockchain analytics firm Chainalysis revealed that $14 billion worth of crypto was lost to scams in 2021 alone.

Despite all its potential, the crypto space is an ideal breeding ground for theft and fraud.

Many people are fooled by the ever-increasing “pump and dump” scams seen in new coin launches, as well as inflated NFT prices, so unwitting victims are quick to invest in an opportunity.” too good to lose.” Phishing also remains a huge headache and will continue to target all users.

– Jake Moore, ESET Global Cybersecurity Advisor

Pump and dump schemes incentivize investors to buy a cryptocurrency based on false promises. As the price rises, founders sell their holdings and break contact, leaving investors worthless tokens.

An example of a pump and dump scheme in action / Image Credit: TradingView

In the NFT space, fraudsters can generate fake attention by buying NFTs from their own collection. Unsuspecting investors could mistake these purchases for legitimate sales and buy into the “hype.” Eventually, the scammers ‘pull the rug out’ and jump ship.

Phishing is often carried out through fake websites that can drain crypto wallets. These websites are made to look exactly like popular crypto exchanges and NFT markets. They might even share a similar URL.

However, once a user connects their wallet, they will soon discover that all of their funds have been siphoned off.

Safe storage of crypto assets

Given the prevalence of phishing attacks, it is not a good idea to store all your crypto assets in one wallet.

It is recommended to spread digital funds between platforms and wallets if large sums are at stake to mitigate the risk of potential illicit activities.

– Jake Moore, ESET Global Cybersecurity Advisor

He adds that it is generally safer to store crypto in a decentralized wallet than on a crypto exchange.

When using a decentralized wallet like MetaMask, a user’s private key is only stored in their own browser. A hardware wallet goes one step further and keeps this data completely offline.

On the other hand, crypto exchanges store private keys on their respective servers.

crypto hardware wallet
A hardware wallet allows users to store their private keys offline / Image Credit: Yahoo Finance

Also, since cryptocurrency exchanges often hold large sums of cryptocurrency at any given time, they are an attractive target for hackers.

That said, storing cryptocurrencies in a decentralized wallet makes it more difficult to trade, as the assets need to be sent to an exchange first.

“Also, being in charge of your own safety comes with great risk, so education and awareness are vital. Human error can have disastrous consequences,” says Moore.

looking for red flags

Over the years, we have been conditioned to skip the “Terms and Conditions” documents. When it comes to traditional products and services, there is a certain level of safety that is guaranteed by existing laws and regulations.

This is not a freedom granted to those in the crypto space. The responsibility to investigate and judge the legitimacy of a crypto asset rests entirely with the investor.

From the moment a user creates a crypto wallet, they need to know what they are getting into. Popular wallets like MetaMask and Phantom come with a seed phrase, a range of 12 to 24 words, that serves as the password.

This phrase is the only way to access the wallet. There is no multi-factor authentication or wallet recovery customer support. If the phrase is shared with another person, you can instantly make use of the contents of the wallet. Also, there is usually no way to recover the stolen funds.

Once cryptocurrencies are stolen, they are rarely recovered by authorities. This is because cryptocurrencies are typically unregulated in the first place. We have witnessed hackers return large amounts of digital funds, but these situations are extremely rare and funds are often thought to be gone forever once stolen.

– Jake Moore, ESET Global Cybersecurity Advisor

When it comes to crypto and NFT projects, users need to consider factors like the whitepaper, the project website, their social media channels, and the background of the founders. These can help make a decision on whether a project is legitimate or not.

Red flags can often take the form of vague roadmaps or poorly written copy. Scammers can copy buzzwords from other projects and promise trendy utilities like gambling and money-making games.

It’s important to ask questions in a project’s Discord group to find information that isn’t available. For example, developing a game is a big undertaking. What kind of experience do the founders have in the field? Have you planned a timeline for the release?

A fake social media following is another easy red flag to spot. The community is the driving force behind many crypto projects, and it is important to assess whether the supporters are actually real people. If a project’s Twitter account has thousands of followers but only gets a few likes per post, it’s best to proceed with caution.

There are also other factors that need to be taken into account depending on one’s risk tolerance. For example, whether or not the founders of a project have revealed their identity.

A project with anonymous founders does not necessarily have to be a scam, given that anonymity is common in the crypto space. However, a project that has been audited or has known founders is more likely to be legitimate.

“Going small will help build your confidence in a new world of digital assets,” says Moore. “It’s about education and doing proper due diligence. Investors should make sure to protect themselves and be constantly aware of scams used by scammers.”

Will the need for such due diligence ever go away?

For traditional consumers, the need for all this research can serve as a deterrent. This is where standards come into play. As governments work to incorporate cryptocurrencies into their legal frameworks, the environment becomes more secure and less inconvenient.

The Monetary Authority of Singapore (MAS) recently announced a framework for the equitable distribution of losses arising from scams. This framework will divide the responsibility between financial institutions and consumers.

In my opinion, the framework will extend to any kind of financial loss (cryptographic or otherwise) that arises due to cyber attacks.

Banks currently hold money for their end customers as custodians and we see the same with cryptocurrency service providers. Any provider that has currency/securities will be a target and therefore should be governed by the same framework.”

– Ajay Biyani, ASEAN Regional Vice President, ForgeRock

In theory, such a framework would incentivize crypto exchanges to follow a strict vetting process when listing crypto assets. If a crypto asset turns out to be a scam or a rug pull, exchanges would be liable to some extent and investors might not face a full loss.

Biyani believes that more safeguards will be put in place to protect crypto investors in the future.

“The basic cybersecurity principles of Confidentiality, Integrity and Availability (CIA) will guide us on the required safeguards. Some key examples would be default multi-factor authentication for all users, continuous authorization trust and risk assessment (CARTA), and device profiling.”

Shop and support the best local brands in vice president tag now:

Featured Image Credit: