# Risks & Mitigation

### All Potential Crypto Risks

Clipboard Manipulator

- **RIsk**: A virus could view your clipboard and if it detects a wallet address, it could change it with an attackers address
- **Mitigation**: Check first and last 8 digits of address

Loosing Hardware wallet

- **Risk**: Someone could find the hardware wallet and try to brute force the pin
- **Mitigation**: Keep in a secure location

<div id="bkmrk--1">  
</div><div id="bkmrk-loosing-seed-phrase">Loosing seed phrase</div><div id="bkmrk-risk%3A-someone-could--1">- **Risk**: Someone could find the seed phrase and drain the wallet
- **Mitigation**: Store 2 copies in 2 locations, on metal and paper

<div>  
</div></div><div id="bkmrk-sending-to-wrong-add">Sending to wrong address</div><div id="bkmrk-risk%3A-send-stuff-to-">- **Risk**: Send stuff to wrong address and it's lost forever :(
- **Mitigation**: Send small test transaction first then for large sends, verify FULL address

</div>Website DNS attack

- **Risk**: An attacker could hijack a website DNS to point it to a different location (domain is still the same but code is different)
- **Mitigation 1**: Set up a second wallet for ongoing transactions when interacting with sites and not ledger software
- **Mitigation 2**: Check website's twitter page for any announcements

Protocol code / private key attack

- **Risk**: A protocol's private keys or code gets hacked
- **Mitigation**: Don't hold too much % in a defi project / memecoin

CEX closes / limits account

- **Risk**: Exchange closes / limits account
- **Mitigation**: Sign up to multiple exchanges\\

<div id="bkmrk--5">  
</div><div id="bkmrk-cookie-stealer">Cookie Stealer</div><div id="bkmrk-risk%3A-install-a-viru">- **Risk**: Install a virus that steals all session cookies and can now log into any website already logged into
- **Mitigation**: Don't install software you don't 100% trust OR have a seperate computer / OS for crypto transactions

<div>  
</div><div>Bank blocks deposit</div><div>- **Risk**: Bank blocks a deposit from your account to a crypto exchange
- **Mitigation 1**: Sign up to multiple bank
- **Mitigation 2**: Buy the bitcoin ETF

<div>  
</div><div>Phishing</div><div>- **Risk**: Someone sends an email / text / call pretenting to be an exchange or wallet
- **Mitigation**: Check sender from address, go directly to URL, don't click link, ensure 2FA is enabled on exchanges

<div>  
</div></div><div>Sim Swap attack</div><div>- **Risk**: Someone finds out my phone number and sends my number to their phone to try and reset password linked to my phone
- **Mitigation**: Ensure app based codes are enabled over phone number based

</div></div></div>### Best Mitigation Techniques

In order of Hardest to easiest

1. Have a seperate computer for crypto transactions (preperably with linux)
2. Have a seperate browser profile with only ublock origin
3. Check full address for big transactions
4. Send a test transaction for new addresses

<div id="bkmrk--6">  
</div>