MyBlockX takes extensive security measures to ensure your account and cryptocurrency investment remains as safe as possible, but ultimately it is a shared responsibility. Here are some actionable steps that you can take in order to protect yourself from unauthorized access:
Use a strong password
When creating your MyBlockX account, use a unique and strong password. Don't reuse passwords from other online accounts. We also recommend using a password manager like LastPass, 1Password, or Dashlane to easily generate and securely store unique passwords for all of your online accounts.
If you don't want to use a password manager, just make up an original passphrase (a sentence or group of four words) for your account. However, be careful not to choose something from books that hackers can access in their databases because they're sophisticated enough already.
For more password-related information or to see how strong your current password is, see our Password FAQ.
Important Reminder: Never disclose your password to anyone. MyBlockX employees will NEVER ask for your password.
Utilize the Strongest Form of 2-Step Verification
A security key can be used to protect all of your online accounts. This includes MyBlockX, Gmail, and Facebook among others as well! If you don't already own one consider Yubico - a popular choice for many people who want an easy way out when they need it most - especially if their laptop might get lost or damaged without protection from these pesky bugs.
If you’re not ready to invest in a security key or just don't want the hassle of managing them yourself, there are apps that can help. With Time-based One Time Password (TOTP) with mobile authenticators such as Duo and Google Authenticator is one option for drastically reducing your chances when it comes to hacking accounts
Security keys and TOTP can both be enabled in your account’s security settings (link this to our page that does this TOTP). If you need help enabling these features, please review this support article outlining the necessary steps. To add an extra layer of security to your account, you should also consider enabling 2-step verification for all sends of cryptocurrency. This feature can also be enabled in your account’s security settings.
If you don't own a smartphone and are restricted to receiving your 2-step verification codes via text message, follow the steps in the section "Lock Down Your Mobile Account" so that it is less likely for hackers or SIM swap attacks.
Secure Your Email
The importance of your email can't be understated. That's why we need to make sure it stays secure. We use your email to confirm new devices, send you important alerts about your account, and communicate with you if you need support. Please make sure it is secure!
First, check whether or not you've been compromised in a third-party data breach at https://haveibeenpwned.com/ and if so change any passwords associated with that address immediately using two-factor authentication for extra protection against hackers as well.
As an additional security precaution, you should conduct a periodic security review of your email account and settings as well:
- Check your email account for unusual rules, filters, or forwarding addresses
- Check your email account settings for authorized devices you do not recognize
- Check for unauthorized recovery emails or phone numbers added to the account
For those who feel like they may be at risk of targeted account takeover attempts, check out Google’s Advanced Protection Program.
Lock Down Your Mobile Account
A SIM-swap or phone port attack occurs when an attacker has their target’s phone number transferred to a mobile device under the attacker's control. Fraudsters are able to do this by using various methods, including identity theft and socially engineering customer support representatives at carriers. This type of security threat poses problems for all accounts relying on text message two-step verification as well as those that can be recovered through traditional cell-based authentication systems.
To help protect yourself against this type of attack, please complete the following:
- Call your mobile service provider and tell them that you’d like to place a port freeze and SIM lock on your account
- Ask them to create an account note requiring you to be in-store with a valid photo ID in order to port or transfer your phone number to a new device
- Ask them to add or enable a PIN number to be used when making changes to your account
- Inquire about other security measures you can enable on your mobile account to prevent unauthorized changes
Even if you don't use SMS-based 2-step verification, it is still important to enable a screen lock on your mobile device. This will help prevent the thief from accessing your MyBlockX account and email if they steal your phone.
Keep Your Devices Clean and Updated
Malware is a serious issue on the rise. Some of it can be especially worrisome, like keyloggers and remote access trojans (RATs). Keyloggers watch what you type while Cookie-stealing malware uses cookies to steal information such as email accounts or passwords for other sites users might use.
To protect your devices from these types of threats, consider the following:
- Utilize anti-virus protection and scan your device regularly. You should also be updating your virus signatures as often as possible to stay ahead of new threats
- Keep your device updated with all of the most recent operating systems and security updates
- Keep your web browser and all other software updated with their latest versions
- Uninstall all questionable or unnecessary pieces of software from your device, especially tools that allow remote access
- Install an adblocker like uBlock Origin in your browser to help protect you from malicious ads
- Practice safe web browsing habits and never click on suspicious links or download suspicious programs
- Do not install and use browser plug-ins or add-ons developed by unknown third-parties
- Enable a screen lock and password to gain access to your device
Protect Your Cloud Storage Accounts
Many people who use smartphones often make use of cloud storage accounts such as Google Drive or iCloud to create backups in case they need access to their phones. This includes messages, contacts, email (and more), which can be obtained by an attacker if they gain control over your device's backup file - don't underestimate the power!
Luckily, you can easily secure and protect your cloud storage accounts by following a few basic guidelines we’ve already covered:
- Create a strong password! Preferably using a password manager
- Secure it with the strongest form of 2-step verification available
- Protect your email account
Or if you want to completely avoid the risk of an attacker being able to back up your mobile device data, you can disable backups altogether in your cloud’s account settings.
Bookmark MyBlockX
Bookmark https://www.MyBlockX.com/ in your browser and only use this link to access MyBlockX. If you ever receive any text messages or emails about your MyBlockX account, always use the bookmark to navigate to your MyBlockX account.
Stay Alert for Phishing
If you are not sure what phishing is, please take a couple of minutes to read our article about phishing here
If you receive a message appearing to have been sent by MyBlockX, and you believe it is suspicious, you can always forward it to support@myblockx.com to verify its authenticity. Alternatively, you can review this support article to help you decide whether or not an email is legitimate.
Check Your Recent Activity
In your MyBlockX account, visit the Activity page where you can view all of your active sessions including authorized mobile applications, web sessions, and confirmed devices.
If you've noticed an unauthorized application, session, or device on your account that needs to be revoked—click the blue X in order for it not to keep happening. You can also request customer support if needed by opening a ticket explaining what happened so our security team has all the necessary information about this issue at hand when they review your account.
Utilize the MyBlockX Vault
If you are not an active cryptocurrency trader and plan to store your investment in your MyBlockX account long-term, we strongly encourage you to make use of a Vault. Vaults require multi-email approval to start a withdrawal, and the withdrawal itself has a 48-hour time delay, during which you can cancel the withdrawal at any time if you change your mind or if the withdrawal was initiated by an unauthorized party. Setting up a Vault is simple and easy, you can find more information about the process here.
Practice Due Diligence
When installing software or applications on the device that you use to access your MyBlockX account, always practice due diligence. Additionally, do research before allowing any third-party application to have permission for accessing this online wallet because there are many shady sources out in cyberspace who will try and install unwanted things onto our devices without us knowing! Make sure all browser plugins come from reputable repositories so they can't get into these dangerous code downloads which could steal private keys or other personal information stored within them when not protected by strong passwords at every turn. Browser plugins can also be risky to install, make sure you always install browser plugins from the official browser plugin repository for your browser.
On another note, it is common practice for scammers to impersonate MyBlockX and MyBlockX support on social media. Before engaging with anyone claiming to be MyBlockX on social media, please check to see if it is one of our official accounts here: Is MyBlockX present on social media? If not, please send the link to the impersonation account to support@myblockx.com immediately.
Contact Customer Support
If at any time you have an account security concern or question, please do not hesitate to contact MyBlockX support. Only contact MyBlockX through this portal. Fake customer support numbers and websites are a constant threat—please be very cautious with any information you find via forums, social media, and Google Ads.
As a rule of thumb, remember that MyBlockX staff will never:
- ask for your password, 2-step verification codes, or email access
- ask you to install remote sign-in or remote support software on your computer
- ask you to send money for resolving issues with your account
- call you directly to handle account support or troubleshooting issues
If anyone claiming to be associated with MyBlockX Support requests this information or calls you directly, please cease all communication and immediately contact us.
We hope that this information helps you take your account security to the next level.
Comments
0 comments