User Security Responsibilities
Account protection, wallet security, and phishing awareness
While we provide robust platform security, your security practices are equally important in protecting your account and cryptocurrency assets.
Account Security Best Practices
Strong Passwords
Create Secure Passwords:
- Minimum 12-16 characters
- Mix of uppercase, lowercase, numbers, and symbols
- Avoid dictionary words and personal information
- Never reuse passwords across services
- Use a password manager
Enable Multi-Factor Authentication
Essential Protection:
- Enable MFA immediately upon account creation
- Use authenticator apps (not SMS when possible)
- Store backup codes securely offline
- Register multiple devices for redundancy
Regular Account Monitoring
Stay Vigilant:
- Review login history regularly
- Monitor account activity and transactions
- Check for unauthorized changes
- Set up email alerts for account activities
Wallet Security Guidelines
Private Key Protection
Critical Security Rules:
- Never share your private keys or recovery phrases
- Store keys offline in secure locations
- Use hardware wallets for large amounts
- Never store keys digitally or in photos
- Keep keys separate from your computer
Wallet Best Practices
Secure Your Wallets:
- Use reputable wallet applications only
- Verify wallet addresses before configuring in Cryptrac
- Test with small amounts first
- Keep wallet software updated
- Back up wallet data regularly
Address Verification
Always Double-Check:
- Compare full wallet addresses character by character
- Use QR codes when possible to avoid typos
- Be aware of clipboard malware
- Verify addresses in multiple places
- Never trust pre-filled addresses without verification
Phishing and Social Engineering
Recognize Phishing Attempts
Warning Signs:
- Urgent or threatening language
- Requests for passwords or private keys
- Suspicious sender addresses
- Generic greetings (e.g., "Dear Customer")
- Poor grammar or spelling
- Too-good-to-be-true offers
What Cryptrac Will Never Ask
We will NEVER request:
- Your password
- Private keys or recovery phrases
- 2FA codes
- Direct cryptocurrency transfers
- Full credit card numbers via email
Verify Communications
Stay Safe:
- Manually type URLs instead of clicking links
- Check for HTTPS and valid certificates
- Verify email sender addresses carefully
- Contact support through official channels only
- Be skeptical of unsolicited communications
Device and Network Security
Secure Your Devices
Device Protection:
- Keep operating systems and software updated
- Use antivirus and anti-malware software
- Enable device encryption
- Use strong device passwords
- Enable remote wipe capabilities
Network Safety
Protect Your Connections:
- Avoid public Wi-Fi for sensitive operations
- Use VPN on untrusted networks
- Secure your home Wi-Fi with strong passwords
- Change router default passwords
- Be cautious on shared or public computers
Operational Security
Payment Link Security
Manage Links Safely:
- Deactivate unused payment links
- Use unique links for different purposes
- Monitor active links regularly
- Don't share sensitive links publicly
- Review link activity and transactions
API Key Management
If Using API:
- Never share API keys publicly
- Rotate keys periodically
- Use minimum necessary permissions
- Monitor API usage
- Revoke compromised keys immediately
Incident Reporting
If You Suspect Compromise
Immediate Actions:
- Change your password immediately
- Revoke all active sessions
- Enable or reset MFA
- Contact Cryptrac support
- Review recent account activity
- Document any suspicious activity
Contact Security Team
Get Help:
- Email: security@cryptrac.com
- Emergency Hotline: +1 (347) 619-3721
- Mark communications as urgent
- Provide detailed incident information
- Follow security team instructions