As Abra grows, so does our user base; with this growth comes users from all levels of technological proficiency.
Although using Abra may be easy and convenient, the risk that comes from giving someone access to your personal information or sending funds to someone you do not know may not be common knowledge. Transactions on the blockchain are irreversible; if you send cryptocurrency to someone there is no way to reverse that transaction. Sending cryptocurrency to someone you do not know is like handing cash to a stranger and then walking away.
In the interest of better educating the community we serve, here are some best practices and suggestions with our users that can assist in using Abra safely:
Avoid Frauds & Scams
From news articles to TV shows, we’re sure you’ve seen reports on numerous scams, but have you considered just how easy it is to fall for one? Many apps are now being utilized to support these scams. The following tips may help protect you.
Do your research! If you see a promotion, ad, deal, or ‘act fast’ scheme, etc., that seems too good to be true, it probably is. There are a number of scammers on social media who will reach out and ask for money in exchange for a “big return”. As cryptocurrency transactions are irreversible, once you send this person these funds you do not have the ability to dispute the transfer or obtain a refund.
Common scams or schemes will offer to send you a check, money order, wire, or in this case, crypto and ask you to send a portion back or out to a “client”. Anytime you accept money on behalf of someone you do not know, you run the risk of laundering money for a scammer.
Knowing/trusting the person you are sending cryptocurrency to is the key to avoiding being scammed. In the event of a scam, one could sustain out-of-pocket financial losses, as well as substantial costs to restore credit history and correct erroneous information in their credit reports.
If you believe you have been scammed, contact your state, local, or federal consumer protection agency. As these types of crimes are becoming common, local law enforcement may be able to provide advice and assistance. Reporting the event in detail (with screenshots, emails, etc.) to the proper authorities is always recommended.
Protect your mobile device
Your funds are tied to your private keys, which are secured inside your Abra app. Maintaining safe control of your phone/device is the first layer of defense.
Secure your phone with a password. Remember that your phone is part of the security chain and what connects you to your crypto wallet. Create some defensible space around your phone and treat it like one part of the key to the vault where you store your cryptocurrency keys.
Along those lines, keep your phone in your possession at all times. Again, your phone is now part of your crypto custody chain, so treat it like a set of keys.
Speaking of phones, make sure you know where your phone came from! Buying a second-hand phone off the internet or using a jailbroken phone is not advised. You want to know its' full security history and have confidence that you are the only one in complete control of what’s going on behind the scenes.
Always mind your hardware ports. One of the biggest risks and simplest ways to breach a phone’s security is through a hardware port. To ensure safety, consider disabling hardware ports and at least be aware of your external hardware connections.
Avoid sketchy websites. You are probably already aware that some websites can be a backdoor into your devices and a way for bad actors to steal critical identifying information, and arrange social engineering and other kinds of attacks and takeovers.
Mind the WiFi: Before logging into the Abra app, a best practice is to use a trusted WiFi network, like your home network, or some other option that you have a high degree of trust with. It’s best to avoid public WiFi networks, like busy coffee shops'.
Always be suspicious of incoming emails or text messages that ask you to click on a link. These links may install malware and malware can allow hackers to spy or gain access to your device or the personal information stored on this device.
Check your security settings on social network sites. Make sure they block or report suspicious people.
Secure your Abra app
Only download Abra through the Apple App Store or from the Google Play Store. Any other website or service that instructs you to download Abra is a fraud and is likely trying to steal your funds or start transacting on your behalf. If you see any suspicious Abra impersonators out there, please let us know at firstname.lastname@example.org.
Back up and protect your recovery phrase after creating an Abra wallet. All funds in the wallet are tied to this recovery phrase, so make sure to preserve it securely and confidentially. Abra (nor our employees) will ever ask you for your full 13-word recovery phrase, it is for your eyes only! If you choose to provide this phrase to someone, they will now have access to your funds; it is not a password and it cannot be changed.
Avoid sharing your Abra app PIN code. Access to the main Abra interface, including transactions, requires a PIN code. Maintain this confidentially to restrict access to the Abra app on your device.
The biggest takeaway from all of this is that you should try to keep your potential attack surfaces as small as possible.
A big portion of these security threats can be managed by just beginning to think differently about your phone or mobile device. Instead of merely a portal to the internet, think of it like a wallet or safe deposit box.
If you have any doubts about an email, phone call or text that has been sent to you, before you reply with personal information or even worse send this entity funds, please reach out to email@example.com, we will be happy to look into it for you!