Buy BitcoinThis website use cookies to ensure you get the best experience on our website.
Your funds are your funds, and your crypto is your crypto: CryptopiaFX maintains internal systems, like a bank or a broker. Our fully audited ledger identifies your account, your fiat and crypto holdings, and tracks your account activity in real time. There’s never a situation where customer funds could be confused with corporate assets.
We will never repurpose your funds: We do not lend or take any action with your assets, unless you specifically instruct us to. Many banks and financial institutions use customer funds for commercial purposes including lending and trading, meaning that they often hold only a fraction of their customer assets at any given time. CryptopiaFX always holds customer assets 1:1. This means that funds are available to our customers 24 hours a day, 7 days a week, 365 days of the year. The crypto space is a dynamic one, and we will always seek to use the best structures to ensure that our clients’ assets are managed in the safest way possible.
Phishing is any fake email, SMS message, or website that impersonates a real person or company in order to steal your personal information. They are designed to look and feel legitimate and can be difficult to spot. Remember, phishing attacks come in different shapes and sizes. They can be very sophisticated and difficult to spot at first. Emails, SMS messages, and automated voicemails are the most common channels used.
Keep your personal information private: Avoid sharing sensitive information, like usernames, passwords, and credit card numbers with people you don’t know.
Take your time: Be patient and extra vigilant when examining urgent requests from unknown or unsolicited senders.
URLs are your allies: Look at URLs and make sure there are no common typos in the web address. Attackers will often use domain names that are nearly identical to the one they are impersonating
Hover, don’t click: Avoid clicking links in emails before checking, especially if the email is unsolicited or is “urgent.” Hover over the link first and if the alt text doesn’t match the display text, don’t click on it. Look for bad grammar and misspellings. Misspelled words and bad grammar are signs that something is wrong. Be thorough and pay attention to these small, but important, details
Too good to be true: Any promise of extravagant rewards or monetary compensation should be treated with the utmost suspicion. Avoid clicking or downloading anything from messages that claim to offer you unrealistic rewards.
Always use strong and unique passwords: A strong password is complex and unique. Avoid passwords that would be easy to guess and never reuse passwords across multiple accounts.
Protect your seed phrase: A seed phrase is a string of 12 to 24 words that is literally the key to a non-custodial crypto wallet. Anyone with access to your seed phrase has access to the crypto in that wallet. Be sure to protect your seed phrase.
Be mindful about what you make public: Avoid posting personal information online. The more information you put out there, the more data for an attacker to target you. Don’t make yourself an easier target
Lock your account if you think something is wrong
If you think your account has been compromised, you can lock it down and contact CryptopiaFX Support for assistance.
Don’t share your credentials with unknown parties: Remember, our support team will never ask for your password, 2FA codes, or for you to install any additional software.
Never grant remote access to your accounts: Avoid giving anyone access to your computer. If someone wants in, chances are they’re up to no good.
Write down your private keys and store them in a safe place. In order to best protect your assets, never give out your private keys.
The CryptopiaFX Security team takes numerous safety precautions to secure your account. This includes checking the dark web for signs that a third party may have compromised your CryptopiaFX account sign-in credentials. To ensure the safety of your account, CryptopiaFX will notify you to change your password if we find that your password may have been exposed through data breaches from other websites. This gives you the opportunity to change your password before your information can be used against you.
How did my password get exposed? While we can't always tell exactly how an attacker got your password, it's typically due to one of the following reasons:
How do I secure my account? We strongly recommend that you immediately:
When you create a CryptopiaFX account, we use an algorithm called bcrypt to turn your plaintext password into a hash that’s unique to your account. This means that your password is stored as a random string of information which makes it hard to figure out. Therefore, no one—including CryptopiaFX—can decrypt your stored hash to figure out the underlying password. Instead, when you sign into your account, our system verifies it’s you by the stored hash that returns in our system.
A phone-based attack (also known as SIM-swap or phone-port attack) is when an attacker has their target's phone number transferred to a mobile device under the attacker's control. Fraudsters do this through a variety of means, including identity theft and socially engineering mobile-carrier customer-support representatives. This type of attack is a threat to all accounts using SMS-based 2-step verification and any account that can be recovered using phone-based authentication.
If you were not expecting to receive a device confirmation email, this means that someone was able to use your password and 2-step verification code to begin signing in to your CryptopiaFX account. Immediately perform the following steps to help ensure the security of your CryptopiaFX account. Change the password to both your CryptopiaFX account and your email account. You should use passwords that are entirely new, unique, complex, and unrelated to each other or other passwords you’ve previously used.
This website use cookies to ensure you get the best experience on our website.