When you watch the news of people getting breached, it could have been avoided by following some basics in most cases.
1 – Never reuse passwords. If one account gets compromised, then all the others get compromised too. Using a password manager solves this problem and makes our lives much easier - you can auto-generate lengthy, secure passwords for all your accounts. Bitwarden is a pretty solid tool. Check if your password is compromised - haveibeenpwned.
2 – Secure your accounts with MFA(Multi-Factor Authentication) if available. While SMS is a good start, unfortunately, it's not that secure. SIM Jacking/SIM Swapping attacks can steal your number in no time. This is where Authenticator apps and hardware security keys come into play. Set up all your accounts to use some form of 2FA. Make sure to lock your MFA app as well. If you want a hardware security key, YubiKey is a good choice. For apps, Authy is a great option. They have their own pros and cons, but they get the job done.
3 – Protect your digital devices. Make sure you have enabled basic security features on your phone, laptop, tablet, etc., such as password or biometrics to unlock. In case you lost your device, find my android/iPhone feature comes in handy. Using this you have the ability to remote lock/wipe the data on your device. If you use your laptop/desktop, ensure you have a secure password or biometrics enabled and encryption enabled. Bitlocker for Windows, and FileVault for OSX.
4 – Password protect your financial apps. Also, use the built-in app locks that use your biometric authentication, like your touch ID or face ID.
5 – Pinlock / Biometrics lock your financial and banking apps with different pins. Same as 1, if you reuse the same pin on everything, if it gets breached once you are done.
6 – Never use your device on an untrusted network. If you need to access the internet, use a VP if it's an emergency. ProtonVPN, MullvadVPN, IVPN are some of the best. You never know who is sniffing or if someone is trying to do a Man in the middle attack. A common example of people using public WiFi is in a coffee shop, railway station, or airport. Here is where hackers tend to perform the evil twin attack.
7 – Move your crypto funds to a cold wallet and ensure you BACKUP and STORE your recovery phrase in a secure location. Pen, paper, and a safe with clearly legible writing and information about what the phrase is needed for. Cold wallets are definitely much safer than hot wallets, but there is always a challenge to the device's physical security.
8 – Back up your stuff, whether phone/laptop/encryption keys. Back it up weekly/monthly/quarterly/yearly. Whatever your risk appetite, you should back everything up and ensure your backups work by testing them! Backups are useless if they don't work. Mega, Proton Drive, and Skiff Drive are some of the best clouds.
9 – Never give your confidential data like passwords, recovery codes, etc., to anybody. No matter who they say they are or how much they say, they can help. Please don't give them any information to work with or compromise your accounts.
10 – If it sounds too good to be true, it probably is a scam. No, nobody will send you 5 BTC back if you send them 3. Don't get fooled by celebrities asking for cryptos; their social media accounts probably got compromised.