Metamask

Decentralization is becoming increasingly important and is an indispensable aspect of the crypto revolution. With the growing number of decentralized exchanges (DEXs), the world of decentralized finance (DeFi) is gaining in investors. One of the options for trading on decentralized exchanges is via Metamask. But how do you keep your Metamask safe and how do you prevent your digital assets from being stolen?

What is Metamask

Metamask is a software wallet that makes it possible to trade on various decentralized exchanges. Originally, MetaMask was designed to be an Ethereum wallet. Luckily, it is already possible to connect it to different networks, so that you can trade with your Metamask on different DEXs and in different networks. The browse extension gives you instant access to various protocols for trading crypto. Always make sure that you send your currency to the correct network!

The advantage of Metamask is that no one, except you, can determine anything about your own digital assets. It remains a strange fact for many investors that their crypto, on platforms such as Binance or Bitvavo, is still not entirely theirs. In principle, these exchanges can be hacked or go offline where your crypto is lost. Hence the famous saying 'not your keys, not your coins'. This is different with Metamask. It is with wallets such as Metamask that you are the only person who does have the keys and the coins are therefore exclusively in your possession. But there are other dangers lurking here.

Metamask: Basic Safety

Setting up a Metamask is child's play, but as easy as it is, it's important to be aware of the potential risks. Let's discuss the basic safety of your Metamask.

Seed Phrase

When creating your unique wallet, you will receive a seed phrase. These are 12 random words that serve as access to your Metamask wallet. This unique sequence gives a user direct access to your wallet. Therefore, write down this seed phrase when creating your wallet and keep it somewhere offline in your home. This way you can keep it in a safe, so that it is never lost. For example, if you have a new computer, you can download the Metamask browser extension again and restore your wallet with this unique code.

Already have an account and have no idea what your seed phrase is? Then it is also possible to consult this combination of words from your personal account. But beware, this is not entirely without danger either. We are now reasonably familiar with the internet, but we are not sufficiently aware of the dangers. One of the most underestimated dangers is using a public network when using your wallet.

Public network

Want to trade quickly on the bus or train via your Metamask? Not the best idea. A public network is a hotspot for scams and it is therefore easy for a cybercriminal to access. No reason to panic, if you give your social media an update, but when you do financial transactions, a hacker can get your login details immediately. Due to this, it is better to only use your Metamask via a secure network. This also applies to all software wallets and hardware wallets.

Giving permissions

Quickly approve that transaction? The world of crypto is still new and we quickly become familiar with the matter, sometimes too quickly. Quickly do that swap via Metamask and immediately give approval. Please note: with every transaction you will receive a warning from Metamask which access you grant exactly. Normally they only get access to the public address to make the transaction public on platforms such as EtherScan.

It may happen that you are asked to grant a different access, which you are not aware of. This freedom comes with great responsibility. Are you not paying attention and giving approval to something you actually don't agree to? Then the damage is already done. Due to this, double checking is a must.

Hardware wallet

Do you already have quite a bit of currency in your software wallet? Then it is a good idea to invest in a hardware wallet. Always keep in mind that there is a chance that your software wallet can be hacked. The more currency you have stored on your wallet, the more interesting it is for hackers. When you use a hardware wallet, you can say with certainty that no one, except you, has access to this currency. Examples of these hardware wallets are Trezor and Ledger.

Possible Hacks

There are several ways hacks can take place. I will discuss a few here, so that you can hopefully recognize and prevent them in time.

Metamask unlocked

Suppose you want to make a transaction and you go to a decentralized exchange, such as UniSwap or PancakeSwap and you unlock your Metamask. From this point on, not only does the protocol have access to your Metamask, but all other open tabs will also see that your Metamask is unlocked. Since the blockchain is public, knowing the address of your account is enough to view every outgoing and incoming transaction that has taken place in the past. Anyone can consult this via, for example, EtherScan. A scammer therefore immediately gains insight into your currency based on your transactions. Do you have a lot of currency on your Metamask? All the more interesting it is for a scammer to take you as a target.

Fake notifications

You may receive a false notification based on your transaction. You will receive a notification that your transaction has failed, and you will receive an overview of all details, such as currency value, destination address and date. When you go over this notification, the website proposes a new transaction, for the same amount. The transaction window looks identical, although the scammers have subtly changed the address. You tend to confirm it again here, but in reality you are just sending your currency directly to the scammer.

Incoming transactions

You may also receive a notification about an incoming transaction. Based on real data from previous transactions, you will be notified that you have to approve this transaction by means of a signature. This is the same principle as when you receive a package at home, which you have to sign for receipt.

If you already have experience with crypto, you know that you do not have to give approval for an incoming transaction. Yet these are mistakes that can be made quickly, often with disastrous consequences.

Metamask locked

Even if your Metamask is locked, a website can still see that you are a Metamask user, without having your address details. As long as it remains locked, not much can be done with it, but they can trick you in various ways so that you unlock your Metamask. Let's see how this happens:

Timing

As mentioned above, all open tabs will have access to your data from the moment you unlock your Metamask. Suppose you want to make a transaction via your Metamask, and you receive a transaction proposal. Metamask doesn't tell you which site this came from; it can happen that another website suggests this to you. This automatically assumes that this transaction is legitimate and therefore also comes from Metamask and the active protocol.

Phishing

The goal for a scammer, of course, is for you to unlock your Metamask so that he can access your digital assets. Here you may get a fake pop-up screen, explicitly asking for your password and even your seed phrase. Having a password is of course important, but a cybercriminal still needs access to your private keys. If they have access to this, that's the end of the story.

Metamask security settings

Fortunately, there are also a number of things that you can set well in advance to minimize the above risks. These take place in the settings of Metamask itself. One of the most important and important settings is the automatic locking of your wallet. You can set this via the browser extension as well as via the application.

Auto-lock timer

Just like with your phone, you can have your Metamask locked automatically after a certain amount of time. It often happens that after making a transaction you forget to lock your wallet back, which again offers a scammer plenty of opportunities. How you can set the auto-lock timer via the browser extension:

  1. Go to settings – settings
  2. Go to advanced – advanced
  3. Auto-lock Timer – Set the number of minutes here

These settings are of course also available via the mobile application:

  1. Go to settings – settings
  2. Go to security – privacy
  3. Auto-lock timer

Connecting MetaMask with your ledger

The safest way of trading is always to use a hardware wallet. With a ledger nobody has access to your assets. You can also connect your ledger to your Metamask, so that after completing the transaction, you are immediately completely offline and safe from online hacks. Via the settings, you can choose to use the Use Ledger Live at advanced. This is a bridge with your ledger. You can activate this function.

Conclusion

The popularity of DeFi is increasing daily and trading on various decentralized exchanges is becoming a daily business for many investors. The first time you connect a software wallet to a DEX it is awkward and new, but after a few times it feels familiar and familiar. But at these moments the danger lurks. You become blind to the risks and possible scams that can take place. That's why it's important to keep your Metamask safe.

I have shared the main scams and scams so that you can be extra careful with your Metamask wallet. A common saying in the world of crypto is “not your keys, not your coins”. This refers to central exchanges that have power over your digital assets. In response, investors are making the switch to the world of decentralized finance, but above all, with great power, comes great responsibilities. There is no other party that acts as a backup when something goes wrong with your digital currency. No one, absolutely no one else, is responsible for your actions and transactions in the world of DeFi. That is why it is so important to observe these safety measures.

Keep your assets safe!