Since launching in 2018, Nexo has lost zero cryptocurrency due to intrusion or hacking and our industry-leading security infrastructure has prevented data leaks and breaches with a 100% success rate. One of our first priorities is ensuring your utmost safety on our platform. But you also have a role to play.
As a courtesy to you, our clients, we would like to remind you to follow a few simple but important tips for protecting your Nexo account against potential cyber attacks, phishing and smishing attempts, hacks, and unauthorized access:
- Use unique passwords: Use your Nexo password exclusively for your Nexo account. Make sure you also have a different password for the email registered to your Nexo account. Make passwords that are hard to guess and use a password manager. Never reveal your passwords to others.
- Enable 2FA: Be sure to have Two Factor Authentication (2FA) switched on for your Nexo account as well as for your email when possible. We recommend avoiding text message-based options due to risks arising from SIM swaps.
- Identify phishing scams: Phishing is a social engineering attack used to steal user data (e.g. login credentials and card numbers). The key signs of phishing messages include public, misspelled (e.g. go0gle.com), unknown, and/or suspicious domain names; suspicious attachments/links; poor writing; a sense of urgency. Such attacks may include unrealistic offers, alerts about account security, wallet activation messages, and contacts from customer support, among others.
- Beware of smishing: Smishing is phishing executed using a text. The smisher might pose as someone you know or authorized to ask for sensitive information. Do not reply, call the number, or click on any links. Never provide passwords or recovery codes via text. Note that Nexo will never prompt you to log into your account via a text or a link.
- Enable Whitelisting: Whitelisting is a security feature that limits withdrawals to only the addresses in your Address Book – it’s where you can save up to 500 withdrawal addresses. Upon enabling it, you will be required to set up your Extra Security option, i.e. the length of the security delay for adding new addresses.
Here are a few extra tips on how to spot and avoid common scams which may impersonate individuals, organizations, and/or companies you trust.
- Verify the source: If you receive an unexpected or suspicious communication from an organization, don't respond immediately. Instead, use a known, trusted method to contact the person or organization directly via an official website or customer service communication channel.
- Do not click on suspicious links or download attachments: Doing so may put your device at risk of viruses or other malicious software. If a message includes a link or attachment and you weren't expecting it, it is best not to click or download without verifying the source first.
- Use secure and updated systems: Keep your operating system, browser, and security software up to date. These systems often include security updates to protect against new threats.
- Report suspicious activities: If you receive a suspicious message pretending to be from an organization you do business with, report it immediately. Organizations have security teams dedicated to tracking and preventing these types of scams.
Follow the above-mentioned tips to add extra protection to your funds and avoid scammers. For more tips on how to protect your Nexo account specifically, read this dedicated article on our Help Center.
The safety of your funds ultimately depends on both Nexo’s stellar security infrastructure in combination with the good practices of our clients. This is why we strongly encourage you to remain vigilant and take these measures to secure your accounts.