How to protect yourself from hackers and scammers takes extensive security measures to ensure the safety of all accounts. There are additional steps that are strongly recommended for users to protect themselves from bad actors accessing their accounts and funds.

It is important to first note that the support staff will never ask you for your 2-factor authentication code or password. If you receive any correspondence from a party whether they claim to be associated with or not that requests this information, immediately contact us.

Use a strong password

It is highly recommended to use a complex and unique password that has not been used or shared on any other websites or platforms you use. Strong passwords generally contain at least 8 characters with one uppercase letter, one lowercase letter, one special character and one number. It is also considered good practice to routinely change your password (every 3 months for example).It is important to not reuse passwords that you may have used on other websites, as data leaks occur from time to time on 3rd party services. You can check here to see if your email address has been associated with any known leaks.

Enable 2-Factor authentication

Activating 2FA through Google Authenticator on your account is a key step toward securing your account. This can be easily enabled in settings once you have logged into your account.

Bookmark our domain

Bookmarking and using this bookmark to access the website (as opposed to manually typing the address or searching in Google) can substantially reduce the risk of falling victim to a website that is designed to imitate to gain access to your login details. Always be sure to check that the lock symbol appears near the browser’s address bar which indicates your connection to is secure.

Ensure emails are sent from us

Always be vigilant when opening and reviewing emails to ensure that it is not an email from a bad actor pretending to be Keep on the lookout for poorly worded emails, suspicious links, and attachments. These are generally the most common ways that customers are compromised through ransomware. Always check the sender’s email address is from us.

Check your IP activity

It is considered good practice to check your IP login activity to ensure that it is only coming from verified devices. You can do this at any time by visiting your Log on History.

For extra protection against unauthorised logins, you can enable Device Whitelisting, which will require confirmation via email when there is a login from a new device or browser.

Beware of recovery services

In the world of cryptocurrencies, recovery services are almost always fraudulent. Cryptocurrency transfers are for the most part immutable, which means they cannot be reversed. Any recovery service that asks for money upfront is almost certainly a second-level scam, and you will just lose more money to them. Unfortunately, there are not a lot of good options when it comes to recovering lost funds as most of these scam companies are incorporated outside of Australia, so there is minimal legal recourse.

Only withdraw to trusted addresses

Cryptocurrency transactions are irreversible so it is important to always double-check that you have the right cryptocurrency address and that you are transferring funds to a trusted recipient.

If you are unsure or are seeking more information on the above, please refer to our guide or contact our support team.

Article first published March 2020.  Updates are made regularly as new information comes to light.