Get Wallet
Assets
Features
Staking
ProFor Partners
Support
Help Center
  1. Main
  2. iconHelp Center
  3. iconHow to protect my wallet?
iconPrevious page

How to protect my wallet?

Most crypto losses aren't caused by sophisticated hacks.

Usually it's something much simpler. A recovery phrase in a notes app. A fake website that looked real. A transaction approved without thinking.

That's why wallet security matters. A few basic precautions can prevent the majority of problems users run into.

Understand what you're actually protecting

People think "wallet security" means the wallet itself.

It doesn't. It means access.

If someone gains access to the credentials connected to your wallet, they can potentially control your funds from anywhere in the world.

The things that grant access:

  • Your recovery phrase (the big one)
  • Your private keys
  • Your device
  • The transactions you approve

Nothing matters more than your recovery phrase. It can restore your entire wallet. Everything.

Your recovery phrase = your whole wallet

A recovery phrase is 12 or 24 random words. It's the master key.

Lose your phone? Break your laptop? Reinstall the app? The phrase gets you back in.

Same for a scammer.

So do this:

  • Store it offline. On paper.
  • Keep a backup.
  • Never email, text, or message it.
  • Never put it in cloud storage.
  • No screenshots.

No support agent or project will ever ask for your recovery phrase. Ever.

Not sure how recovery phrases and private keys differ? Read our dedicated guide first, it makes everything else easier.

How wallets actually get stolen

Same mistakes. Over and over.

Fake websites (phishing)

Scammers clone real sites. They look identical. One tiny letter difference in the URL.

Before connecting your wallet:

  • Check the website address
  • Check the project name
  • Check their official social media
  • Use a bookmark, not a random link

Checking the URL has saved a lot of people.

Fake wallet apps

Only download from official sources. Fake apps steal logos, screenshots, descriptions.

Before installing:

  • Who published it?
  • What do reviews say?
  • Go to the official website first

Unsure? Take five minutes to verify.

Malicious approvals

Some attacks don't want your phrase. They just want you to approve a bad transaction.

DeFi apps ask for permission to interact with your tokens. Most are fine. Some aren't.

Before signing as yourself:

  • Which token is it?
  • How much?
  • What permissions do I give?
  • What platform do I use?

People analyze a trade carefully, then blindly approve. Attackers count on that.

Don't ignore your device

A secure wallet on a compromised device is still risky.

Security measureWhy it matters
Screen lockKeeps people out
BiometricsExtra security layer
Software updatesFixes known holes
Trusted app sourcesLess malware
Device encryptionProtects local data

Software updates are easy to skip. Don't. They patch vulnerabilities attackers already use.

Read before you approve

Experienced users actually read what they're signing. Crypto transactions are mostly irreversible.

Check:

  • Destination address
  • Network
  • Amount
  • Permissions
  • Why you're doing this

Feels off? Stop. Investigate.

Scammers love urgency. Fake giveaways, phishing sites, shady DMs — they want you to act fast. Don't.

Security doesn't stop at the wallet

Public Wi-Fi? Probably fine, but maybe don't restore your wallet at a coffee shop.

Social media is riskier. Fake support accounts, impersonators, scam giveaways — daily.

Simple rule: if someone contacts you first about your wallet or an "opportunity" — be suspicious. Real support doesn't DM you.

Also, don't post your balance, transaction history, or screenshots of your holdings. The less scammers know, the better.

Common mistakes

  1. Storing phrases online — cloud, email drafts, notes, screenshots. All risks. Offline is always safer.

  2. Reusing passwords — if one account gets hacked, attackers try the same password elsewhere.

  3. Connecting to every dApp — not every platform deserves access. Ask: do I trust this?

  4. Chasing every airdrop — scam giveaways promise easy money. If it looks too good to be true, verify.

  5. Ignoring active approvals — people check balances but forget permissions. Review and revoke now and then, especially if you use DeFi.

Quick checklist

QuestionCheck
Is my recovery phrase stored offline?
Do I have a backup copy?
Is my device protected with a password or biometrics?
Do I verify websites before connecting?
Do I review transaction approvals carefully?
Is my wallet software up to date?
Do I avoid sharing sensitive wallet information publicly?

Nothing complicated. Follow this and you'll avoid most problems.

Final thoughts

Wallet security isn't hard. Just pay attention.

Store your phrase properly. Check URLs. Read before approving.

Most people who lose funds make one small mistake that seemed fine at the time.

Taking an extra minute to verify? Worth it.

FAQ

What's the most important thing to protect?

Your recovery phrase and your private keys. Both give access to your funds. The difference is scope: a recovery phrase restores your entire wallet across all blockchains. A private key controls access to just one blockchain family — EVM networks, Solana, Bitcoin-like chains, and so on.

Can someone steal my crypto just by knowing my wallet address?

No. That's a public key. They need your phrase or private keys.

Can I store my seedphrase in the cloud?

Better not. Offline is safer.

How often should I check wallet permissions?

If you use DeFi, review every so often. Revoke what you don't use.

Are hardware wallets safer?

For larger amounts, yes as keys stay offline.

What should I do if my phrase got exposed?

Create a new wallet immediately. Move your funds as fast as possible.

Can support teams ever ask for my seedphrase?

Never. If someone asks, they're a scam. Block them.

FAQ menu
icon
Crypto wallet
What is a DeFi wallet?Why do you need a crypto wallet?How does a crypto wallet work?Custodial vs Non-Custodial Wallets: which is better?What is NOW Wallet?What's the difference between ChangeNOW and NOW Wallet?Hot vs Cold wallets: What's the difference?Is there a desktop version of NOW Wallet?How many crypto wallets can you have?What is the best crypto wallet for beginners?
icon
Manage my assets
How to send and receive crypto in NOW WalletWhat is Private Send?How to exchange crypto in NOW WalletWhy should you exchange crypto directly in your wallet?What affects crypto transaction speed?What are dApps?What are perpetual futures (perps) in crypto?What are prediction markets in crypto?How to use perps and prediction markets in NOW WalletWhat are network fees? What is an ETH gas fee?What is GasFree USDT and how to use it?Can I use a hardware wallet with NOW Wallet?How to transfer funds from MetaMask to NOW WalletHow to diversify a crypto portfolioHow to buy RWAs in NOW WalletWhich cryptocurrencies does NOW Wallet support?What should I do, if my token is not listed?What are wrapped tokens?How to safely transfer funds from Trust Wallet
icon
Support and Troubleshooting
How can I tell about the bug?I can't find the answer to my question. How do I contact Support?
icon
Getting started with NOW Wallet
Does NOW Wallet have social media to follow?What’s the difference between a private key and a recovery phrase?How do I put money into my NOW Wallet?What is a wallet address?How to install NOW Wallet?
icon
Security
How to protect my wallet?What happens if I send cryptocurrency to the wrong address?Am I in control of my private keys?How should I store my recovery phrase?How to report scammers or phishers?Is NOW Wallet a safe Wallet?Where to find my recovery phrase?
icon
NFT’s and Staking
What is NFT?Do you need a crypto wallet for NFTs?What are the benefits of Staking?Mining vs Staking: key differences for crypto holdersHow to Stake Crypto?Can you make money with NFT?Should You Stake?What is staking in crypto?
icon
Other
What is PoS?What is PoW?What are coins?What are Real-World Assets (RWA) in crypto?
icon

Questions not answered?

If you haven't found the answers you're looking for on our site, then please don't hesitate to contact us. We’ll help you as soon as possible.

Contact us
Assets
Features
Staking
ProFor Partners
Support
NOW Products Family