Crypto loss prevention checklist (individuals & small teams)

Shareable evergreen page for newsletters and SEO. Deep dives: seed backup, phishing, DeFi risks.

Accounts and devices

  • Use unique passwords and a reputable password manager.
  • Enable hardware-backed 2FA for email and exchanges where available.
  • Keep OS and browser updated; remove unused extensions.
  • Prefer a dedicated “finance” browser profile with minimal extensions.

Wallet tiers

  • Cold/long-term storage separate from “hot” experimentation wallets.
  • Document derivation paths and passphrase usage for heirs—see backup guide.
  • Never store seed phrases in cloud notes or chat logs.

Signing hygiene

  • Read what a transaction does, not just the dApp marketing text.
  • Avoid max approvals; revoke where sensible after one-off uses.
  • Verify contract addresses against multiple official sources.

Exchange and fiat ramps

  • Match legal name across bank and KYC to reduce freeze risk.
  • Keep source-of-funds records for large deposits.
  • Bookmark exchange URLs; ignore Google ad clones.

Social layer

  • Ignore investment pitches from dating apps and unsolicited DMs.
  • Verify “support” only through official ticket systems.
  • Talk to a trusted person before large or irreversible transfers.

If something already went wrong, switch from checklist mode to preservation and tracing—speed matters.

Get a case review