MetaMask and safety: crypto wallet’s basic rules

MetaMask is one of the most popular crypto wallets, supporting Ethereum and its tokens, as well as BSC (which is a fork off Ethereum).

Owned by ConsenSys, MetaMask has been constantly ameliorating its user interface, with most recently allowing ApplePay users to buy crypto with their credit cards. It now also shows the details of smart contracts requesting permission to connect the wallet and allows users to label and save those they deem trustworthy.

The increasing user friendliness is paying off: the number of MetaMask monthly active users has grown from 4M people in March’21 to 30M in March’22, and it doesn’t look like slowing down soon.

Unfortunately, as any popular software with an access to money, with user growth comes the increase in interest from scammers and hackers of all sorts.

So here are some basic rules how NOT to expose your MetaMask funds to them:

☔ first and foremost – do not reveal your seed to anyone (yes, that’s kind of obvious, but phishing websites can be very persuasive!)      

☔ do not accept connections from smart contracts/websites you don’t know

☔ check the details for every transaction you sign

☔ lock your MetaMask when not in use

☔ do not store your seed on your computer: some malware programs can scan it searching for seed-resembling text docs

☔ don’t forget to protect your computer with anti-virus

☔ for users of iPhone application: if iCloud automatic backup option is on, the encrypted passwords for your MetaMask will be uploaded into it too. So if someone phishes your credentials and the password isn’t strong enough, the wallet could be hacked.

To sum up: protect your computer and your phone, never give your seed or your phone credentials, and do not approve unknown/fishy actions, whether it’s a smart contract requesting connection, or an “Apple” calling to ask for the 2FA authentication number.

What’s even better, store most of your funds on a cold wallet.

Be safe ?