How Bitcoin is a Secure Technology
You can think of bitcoin as money that comes wrapped in a safety deposit box. The question then becomes whether you want to operate that box yourself, or entrust a third party to do it for you.
Most ordinary investors choose the latter option, buying, and storing their bitcoin with a service like Coinbase. This is a sensible option since those services rely on the security features built into bitcoin—just like you would do if you hold the bitcoin yourself.
The other option is to acquire a bitcoin wallet for yourself. This comes with few extra strings —known as a “public key” and a “private key.” You can think of the public key like a deposit slot for your safety deposit box where anyone can give you bitcoin, while the private key is a secret way to open the box that only you should know and is not to be shared by anyone.
Bitcoin is designed so that it’s basically impossible to guess the private key, which means no one can hack or force themselves into your wallet/safety deposit box.
The Safety Maths of Bitcoin
This means that the only way bitcoin can be stolen is for a thief to trick you—or a third party you rely on—into giving access to it, or for the third party to get compromised.
Let see how people lose their bitcoins
Hacker Obtains the Password for Your Account at a Storage Service
How : If you use a service like Coinbase, you don’t have to go through the hassle of remembering a public and private key. Instead, it’s more like online banking where you use a user name (typically an email address) and a simple password.
This allows for thieves to rob you by obtaining your password. The most common way they do this is by breaking into customers’ email accounts, and then asking Coinbase to reset their password. The password reset request is then sent to the compromised email account, allowing the thief access to the bitcoin funds. Most famous way of hackers getting your password is known as Social Engineering
How to prevent it: First, Turn on two-factor authentication on your email to keep the hackers. You should also do the same with your bitcoin storage service, actually you should do that with every service you use. In the case of Coinbase, the company requires a two-factor log-in process that consists of a password and an SMS text. But because texts can be intercepted. You may opt for Google Authenticator
Exposing Private Keys
How: This risk is applicable if you are managing your own wallet. In this situation, someone else might obtain your private key by getting into your email (if that’s where you keep it) or even seeing the private key in the physical world. In one famous example, someone showed their private key on a TV show—and hackers promptly copied it and emptied the person’s wallet.
How to prevent it: Store your private key off-line on a piece of paper or on a USB stick, and put it somewhere safe—like a real world safety deposit box.
Hacker Impersonates a Bitcoin Recipient
How: Notorious bitcoin-related hacking stories this year occurred when companies held so-called “initial coin offerings” (a form of fundraising) and asked investors to send them bitcoins. In certain cases, clever hackers impersonated the companies with a fake website and persuaded the investors to send millions of dollars worth of funds to a different bitcoin wallet. Once the bitcoin was sent, there was no recovering it, and both the companies and investors lost their bitcoin.
How to prevent it: When you go to transfer bitcoin funds to someone, confirm the wallet address is genuine.Its best to double check the site URL
Insecure Third Party
How: This week’s theft at the bitcoin mining service, known as NiceHash, appears to have occurred because hackers compromised an employee’s laptop and got access to the company’s payment services. Once the hackers were inside, they gained access to one of the company’s bitcoin wallets—which included funds belonging to NiceHash customers—and emptied it.
These sort of incidents are a little bit like when hackers compromised Target’s payment system, and stole customers’ credit card information. In the case of bitcoin owners, they are doing business with companies that don’t have proper cybersecurity measures in place—and worse, unlike the Target breach, no one is likely to refund their money.
How to prevent it: Be careful of the bitcoin companies with which you choose to do business. Always do your own research (DYOR)
The Exit Scam
How: A company offers a bitcoin-related service such as an exchange or a market where customers maintain an account in bitcoin. All of a sudden the company is not more,their site is down and customer service has vanished, often after claiming that they have been hacked. In reality, the owners pulled an exit scam—vanishing from the Internet with their clients’ bitcoin. This scam technique existed with real businesses and now it has moved to the crypto world
How to prevent it: Exit scams are often associated with the darker corners of the web or with fly-by-night crypto investment ventures. If these are the sort of places you like to roll with you bitcoin, well, the only advice is “buyer beware.” You can prevent it only if you stop trading with shady websites , any crypto site making big claims should get you alert and careful.