Skip to main content

What is a crypto wallet and how to protect it

A person holding a cryptocurrency digital wallet in front of a laptop

Cryptocurrency has generated significant interest in recent years, with many investors buying crypto for the first time. But investors are not the only ones interested in cryptocurrency – so too are hackers and scammers, who are always looking for their next opportunity. A crucial part of investing in cryptocurrency is keeping your crypto wallet safe and secure. So what is a crypto wallet, how do crypto wallets work, and how can you protect them?

What is a crypto wallet?

A cryptocurrency wallet, or crypto wallet, is a software product or physical device that stores the public and private keys to cryptocurrency accounts. A key is a long string of random characters. A public key can be compared to a bank account number – which is information you can share – whereas a private key is like a bank account passcode or PIN, or information you must safeguard and keep private.

The term ‘wallet’ is metaphorical, in the sense that crypto wallets don’t really store cryptocurrency in the same way that physical wallets hold cash. Instead, they read the public ledger – that is, the cryptocurrency record-keeping system – so show balances in your addresses, that enable you to make transactions.

How do crypto wallets work?

Cryptocurrency exists on a blockchain and crypto wallet software allows you to interact with balances on that blockchain. Blockchain is a public ledger that stores data in what are known as blocks. These are records of transactions, the balances held at any given address, and who owns the key to those balances. The wallet stores addresses and allows owners to interact with blockchain while also letting others see the metadata at any given address.

All crypto wallets enable users to send, receive, and store crypto. Some have a feature to buy and spend cryptocurrencies. Certain wallets have additional features such as swapping between tokens, staking tokens for a fixed return paid out to users, plus access to dApps – decentralized applications – built on various networks.

Each wallet will have its own set of attributes. In general though, the steps you typically follow when sending or receiving funds using a crypto wallet include:

  • To receive funds, you need to retrieve an address from your wallet. Go to the ‘generate address’ feature in your wallet, click on it, then copy the alphanumeric address or QR code and share it with the person who wants to send you crypto.
  • To send funds, you need the address of the receiving wallet. Go to the ‘send’ feature in your wallet and enter an address of the wallet you want to send coins to. Select the amount of crypto you want to send and click ‘confirm’. An important fact is that the same asset exists in many blockchains. When sending, you need to be sure of the recipient address. At best, the wallet will not allow you to send, at worst, the funds will be lost. Some blockchains also require other meta-information such as a memo note.

Some users send a small test transaction before sending large amounts of crypto as a precaution. Sending coins incurs a fee that is paid to miners in exchange for processing the transaction.

Types of crypto wallets

Crypto wallets are divided into two distinct categories. These are ‘hot’ and ‘cold’ wallets.

Hot and cold crypto wallets

Hot wallets

A hot wallet refers to any crypto wallet which is connected to the internet. These tend to be more common because they are easier to use. Their connection to the internet makes them more convenient, but also makes them more vulnerable to hackers. For this reason, it’s generally not recommended to keep significant amounts of cryptocurrency in a hot wallet.

Cold wallets

By contrast, a cold wallet is a crypto wallet which is offline or not connected to the internet. Since the only way to interact with the blockchain is through the internet, cold wallets are considered much more secure than their hot counterparts. That said, cold wallets are more complicated and require more technical knowledge so tend to be used by more experienced cryptocurrency investors or those with significant assets.

Types of hot wallets

There are different types of hot wallets available. These include:

Desktop wallets

Desktop wallets keep a user’s private keys securely stored on their computer hard drive. 

Web wallets

Web wallets are wallets provided by a third party, which provides access to a user’s holdings via a web browser.

Mobile wallets

Mobile wallets allow users to send or receive cryptocurrency securely via their phone.

Types of cold wallets

Hardware and paper wallets are the two most popular types of cold wallets, falling on opposite sides of the technology spectrum. Paper wallets are the ultimate low-tech solution, while hardware wallets typically contain sophisticated high-tech components. Both are considered a highly secure way of securing your crypto.

Paper wallets

A paper wallet is an offline wallet solution where private keys are written down or printed and securely stored.

Hardware wallets

A hardware wallet is a more high-tech solution which offers secure private key storage in various formats. These physical devices, often resembling a flash drive or small remote control, are offline unless plugged into a computer or mobile device. Hardware wallets are secured by a PIN which you should keep private. Hardware wallets also have a mnemonic passphrase that is used to restore access to another device if the wallet is broken or lost. In this case, it is recommended to store the phrase separately and also safely. It’s also important to store your device in safe and secure place – because if you lose it, your crypto accounts are locked, and there is no locksmith to open them for you.

Custodial vs. non-custodial wallets

In addition to hot and cold wallets, another key distinction to talk about is custodial versus non-custodial crypto wallets. The main difference between these options is the balance of security and who is responsible for securing a wallet’s private keys.

A non-custodial wallet means that you are the only person who has the private keys to your crypto assets. If you forget your password from the wallet, there is no “forgot your password?” prompt to let you back in (though you can reset it and restore it from the seed phrase). While not having this safety net entails a little more risk, non-custodial wallets are considered the more secure option. This is because you don’t have to worry about a security breach at a third-party company. If you are confident that you can look after your assets by yourself, this may be the best option for you. 

A custodial wallet is not as secure but involves a third party that can help you to log in and manage your crypto accounts. Custodial wallets are often web-based, and their biggest advantage is that they tend to be easier to use. While legitimate custodial wallets take security very seriously, there is always the possibility of a breach, especially as crypto accounts are appealing targets to cybercriminals. 

Which crypto wallet is right for you?

Before deciding between crypto wallet options, consider your priorities, thinking about the balance between ease-of-use and security. Consider how easily accessible you want your crypto to be, and how much security you are willing to trade for that convenience. This will help you decide which wallet is right for you.

A man holding a crypto wallet

How to protect your crypto wallet

Crypto wallet protection is important, especially as there have been high profile examples of crypto wallets being hacked. Security tips to minimize the risk of crypto wallet hacking include:

Change your password regularly and use a password manager

It’s important to set a strong password, store it safely and change it often. When choosing a password for your crypto wallet or any other sensitive site, choose something unique rather than an existing password used elsewhere. Make sure your password does not include any personal information. Rather than saving passwords to your browser, it is more secure to store them in a password manager like Kaspersky Premium with built-in Password Manager. It's good practice to change your password regularly, such as every six months.

Set up two-factor authentication

Make sure you enable two-factor authentication, since it is one of the best ways to deter a thief. If your device has biometric authentication, that’s even better. This means that only a scan of your face, voice, or fingerprint will open your accounts. 

Keep your investments in multiple wallets

As with other types of investment, it’s wise not to place all your eggs in one basket. Instead of putting all your NFTs and cryptocurrencies in one wallet, you can divide them into two or more. If you’re hunting for airdrops minting free NFTs, using new DEXes and activities like so, use a separate wallet from the main one. The larger the investment, the more important it is to store them in separate places. Many investors use a hot wallet for day-to-day transactions, and a cold wallet to hold assets for the longer-term, such as retirement savings.

Be vigilant against phishing scams 

Watch out for phishers who may be persistent in trying to gain access to your cryptocurrency accounts. If anyone asks for your private key by email, text, or phone, ignore their message and stay alert. Never share your private key with anyone. Phishing attempts often exploit people’s emotions to trick them into divulging personal information, so don’t fall for messages which masquerade as contests or as a crypto company that needs your private key to restore your accounts.

It's also a good idea to avoid logging in to your cryptocurrency exchange unless you are sure you are on the correct site. Save the link to your favorites, or type in the URL directly yourself rather than clicking on a link sent to you by someone else.

Keep cryptocurrency trading separate from personal accounts

Keep your cryptocurrency trading separate from your personal and work accounts. Create an email dedicated to your crypto wallet rather than using a personal, school or work email that you could lose access to. Avoid accessing your crypto wallet on a work or public computer and consider using a separate device for your crypto trading, such as a dedicated laptop or smartphone.

Don’t disclose information about your wallet

While it may be tempting to share your cryptocurrency investment successes on social media, discussing your gains online is an open invitation to attackers. Many people trade cryptocurrency anonymously to remove any connection to their identity. Avoid disclosing information on social media about your trading activity, such as which exchange you use or your gains or losses.

Always double-check the recipient’s wallet address

A sender or receiver of cryptocurrency is identified by the wallet address. This address is a string of alphanumeric and special characters typically 26 to 35 characters long. Before sending the cryptocurrency to another wallet, always double-check the recipient ID. Malicious software can edit and paste the wrong wallet address belonging to a hacker. Once the transaction is made, it cannot be reversed on the blockchain network – so check carefully before any transaction.

Install updates automatically

Whatever device you use, keep it up to date with the latest software so that you benefit from the latest security patches. To make this easier, you can set updates to install automatically. As well as the device, make sure that the applications installed on that device are up to date.

Avoid public Wi-Fi

Don’t use public Wi-Fi when accessing your online cryptocurrency exchange or accounts. Where possible, use a VPN to hide your IP address and location. You can use a VPN on any device to maintain your data privacy and prevent others from snooping on your activities. A VPN creates an encrypted tunnel that keeps your online activity private and secure, giving you control over your data.

Check your accounts regularly

It’s important to check your crypto wallet regularly to ensure that your accounts appear in order and to enable you to identify suspicious activity quickly. If you think something is amiss with your wallet, cancel any credit cards linked to your account and change your password immediately.

Stay up to date with the latest crypto threats

Cyber attacks are constantly evolving, including those which target crypto, but so are the methods to protect yourself. Monitor the news for updates on new attacks or threats so that you can respond quickly if your crypto wallet does become vulnerable.

Use a good quality antivirus

A good antivirus provides robust protection against crypto hacking and phishing attempts. These programs scan all web sites and links you attempt to visit and flag potential phishing attacks to safeguard your wallets. Use high quality antivirus software like Kaspersky Premium and keep it updated to benefit from the latest protections.

Related products:

Further reading:

What is a crypto wallet and how to protect it

A crypto wallet stores public & private keys for cryptocurrency transactions. Learn how crypto wallets work, types of crypto wallet & crypto wallet protection.
Kaspersky logo

Related articles