As Abra grows so does our user base, with this growth comes users from all technical comfort levels.
Although using Abra may be easy and convenient the risk that comes from sending funds to someone you do not know or giving that same entity access to your personal information may not be as well-known. Transactions on the blockchain are irreversible, if you send cryptocurrency to someone there is no way to reverse that transaction. Sending cryptocurrency to someone you do not know is similar to handing cash to a stranger and then walking away.
We wanted to share some best practices and suggestions with our users that can assist in using Abra safely.
Avoid Frauds & Scams
From news articles to TV shows we’re sure you’ve seen reports on numerous scams. What isn’t taken into consideration is just how easy it is to fall for one. Multiple apps are now being utilized to support these scammers. The following tips may help prevent you from being scammed.
Be aware if you see a promotion, ad, deal, ‘act fast’ scheme, etc. that seems too good to be true, it probably is. There are a number of scammers on social media who will reach out and ask for a certain amount of money for a “big return”. As cryptocurrency transactions are irreversible, once you send this person these funds, your don’t have the ability to dispute the transfer to obtain a refund.
Common scams or schemes will offer to send you a check, money order, wire or in this case crypto and will ask you to send a portion back or out to a “client”. Anytime you accept money on behalf of someone you do not know, you run the risk of laundering money for a scammer.
Knowing/trusting the person you are sending cryptocurrency to is the key to avoiding being scammed. Cryptocurrency transactions cannot be reversed, and thus a person’s losses may include not only out-of-pocket financial losses but also substantial costs to restore credit history and to correct erroneous information in their credit reports.
If you believe you have been scammed, contact your state, local, or federal consumer protection agency. As these types of crimes are becoming common, local law enforcement may be able to provide advice and assistance. Reporting the event in detail (with screenshots, emails, etc.) to the proper authorities is always recommended.
Protect your mobile device
As the Abra wallet is a non-custodial wallet, we never have access to your funds. They are tied to your private keys, which are secured inside your Abra app. Maintaining safe control of your phone/device is the first layer of defense.
Secure your phone with a password. Remember that your phone is part of the security chain and it is what connects you to your crypto wallet. So create some defensible space around your phone and treat it like one part of the key to the vault where you store your cryptocurrency keys.
Along those lines, keep your phone in your possession at all times. Again, your phone is now part of your crypto custody chain, so treat it like a set of keys.
And while we are still on the topic of phones — make sure you know where your phone came from. Buying a second-hand phone off the internet or using a jailbroken phone is not advised. You want a phone where you know its full security history and have confidence that you are the only one in complete control of what’s going on behind the scenes.
Always mind your hardware ports. One of the biggest risks and simplest ways to breach a phone’s security is through a hardware port. To ensure safety, consider disabling hardware ports and at least be aware of your external hardware connections.
Avoid sketchy websites. You are probably already aware that some websites can be a backdoor into your devices and a way for bad actors to steal critical identifying information, and arrange social engineering and other kinds of attacks and takeovers.
Mind the WiFi: Before logging into the Abra app, best practice is to use a trusted WiFi, like your home network, or some other option that you have a high degree of trust. It’s best to avoid public WiFi networks, like from a busy coffee shop.
Always be suspicious of incoming emails or text messages that ask you to click on a link. These links may install malware and malware can allow hackers to spy or gain access to your device or the personal information stored on this device.
Check your security settings on social network sites. Make sure they block or report suspicious people.
Secure your Abra app
Only download Abra through the Apple App store or from Google Play. Any other website or service that instructs you to download Abra is a fraud and is likely trying to steal your funds or start transacting on your behalf. If you see any suspicious Abra impersonators out there, please let us know at firstname.lastname@example.org.
Back up and protect your recovery phrase after creating an Abra wallet. All funds in the wallet are tied to this recovery phrase, so make sure to preserve it securely and confidentially. Abra (nor our employees) will ever ask you for your full 13-word recovery phrase, it is for your eyes only! If you choose to provide this phrase to someone, they will now have access to your funds, it is not a password and it cannot be changed.
Avoid sharing your Abra app PIN code. Access to the main Abra interface, including transactions, requires a PIN code. Maintain this confidentially to restrict access to the Abra app on your device.
The biggest takeaway from all of this is that you should try to keep your potential attack surfaces as minimal as possible.
A big portion of these security threats can be managed by just beginning to think differently about your phone or mobile device. Instead of merely a portal to the internet, think of it like a wallet or safe deposit box.
If you have any doubts about an email, phone call or text that has been sent to you, before you reply with personal information or even worse send this entity funds, please reach out to email@example.com, we will be happy to look into it for you!