One of the common warnings that people unused to the web tend to give others is that it's unsafe. You never really know if who you're talking to are who they say they are and there are a multitude of websites with the simple goal of stripping you off money or your safety. How can you avoid this and what common practices should you utilize while being online to avoid you, your money, your computer and your assets being safe?
I'll try to keep this seperate to two sections, safety on the internet and safety for your crypto.
Keeping yourself safe
1. Passwords
Passwords are a nobrainer when browsing the web, but it's not always so easy knowing how to use them properly. Using a strong password that you write down or remember works fine, however it isn't very safe, brute forcing a password can take anywhere from 5 seconds to 5 years. Bottom line is if you don't change passwords or use multiple ones these will be leaked or brute forced.
What you should do is have a password manager than can generate passwords for you, such as bitwarden (not sponsored). Along with this it would be preferable if these passwords are stored on your pc online/offline and are encrypted. Also use different passwords for different accounts, even using two seperate ones for accounts you care & don't care about is a step in the right direction.
2. 2FA, for when passwords fail
When your passwords fail, which they will, it's important to have a backup. 2FA allows you to control logins and recover accounts/passwords safely, however, NEVER use 2-factor authenticator through sms. Phone numbers are easily spoofed or faked and thousands of accounts get hacked through simple sms-spoofing.
Make use of 2FA a common practice and always backup your 2FA device or the codes you are given to prevent being locked out from your accounts.
3. Burner email addresses & email note taking
Companies and scammers want your email address, don't let them have it. At the moment of writing this I have 7 different emails and 2 of them are work emails, I have them in different layers, backup, social media, finance, private & throw-away. Something you'll very quickly find out is that once someone has your email, it'll be tough to hide it again. Email addresses aren't indexed on the web and such carry value to people that want access to them. Have email addresses you can use for social media accounts or finance etc. to prevent companies and scammers (and hackers) having access to your most important one. They neccesairly don't need to be hard to remember or too different, email.socialmedia or email.backup is enough of a difference.
The second part to this is note taking. All email providers have the same syntax allowing things to be added to an address without changing the recipient. For example for my email to publish0x I have email+publish@gmail.com as a address, easily allowing me to filter my inbox and keeping track of who is selling my data/address. Dots (.) are ignored in an address allowing for easy seperation and a plus sign (+) notififes the provider that the following text until the @ is to be ignrored, thus allowing you to add notes onto your email addresses. This also makes it easy to prevent spam emails, simply block any emails sent to email.mynotehere.
4. Your data and digital footprint
This is the last part for keeping yourself safe on the web. Anything you do will be tracked and sold, so act accordingly. If you have a facebook account, the whole world can find out a great deal about you. Simply don't post too much and be careful about sharing. Keep in mind which website stores your info or tracks cookies. Several browsers can block these and allow you control. Once your data has been collected, it's on the web for good. VPN's can help with this but those companies can and will still track your data, if anyone wants it they just ask for a price and you're back to square one.
5. Backup your phone/PC
Having an external harddrive or a cloud service to backup anything you have data-wise is invalueble. Simply backup them reguraily and get used to being able to reset your phone and PC. If your PC or phone were to be compromised and get a virus or trojan you can simply reset it and use your backup to remove anything nasty. A good anti-virus won't really save you if you already are being thoughtful online, being able to do a clean wipe without consequence is safer.
So, now we're through the personal part about keeping you safe, hopefully you kept up so far. What about your money, gains & portfolio? How do you keep those safe? Practice the previous four steps along with a few extra tips.
Keeping your crypto safe
1.Burner wallets
Pretty much the same thing as burner addresses. Have wallets you don't really use or keep much of anything of vaule on. These can be given out to people trying to scam or hack you aswell as if someone tries to force you into giving them access. Also always try to use a burner wallet or unused wallet if you're trying to avoid being identified. Exchanges and such have something known as KYC forcing them to know who is using their service. If an exchange know who you are, and you send funds from an unkown wallet. That wallet is now connected to you and people know you own it.
2. Wallet to match you crypto
If all your coins would dissappear today, how much would you be affected? Not at all, you can keep them on an exchange, why not stake them while you're at it? You'd be affected a bit, a "hot" wallet would be good for you, trust wallet or metamask. Most wallets offer staking and they keep your coins safe. Not your keys, not your coins. It would financially affect you, invest in a cold wallet, trezor or ledger or similar. Keep your coins there and keep track of your seedphrase. This is as safe as you can be when it comes to protecting your coins.
3. Your seedphrase
This thing you need to remember, if you lose this all your crypto would become unsafe in the affected wallet. Set up your wallet, transfer a small amount of crypto into the wallet. Reset it. Input the seedphrase. If your crypto is there you can freely use the wallet. For the storage of your seedphrase, preferbly write it down on paper. Noting it down on anything with a internet connection or MAC address could expose it to hackers. Preferbly note it down on material that won't be destroyed in a fire or degarde over time, such as metal. Separete the phrase into seperate bits, don't keep them together. If your memory serves you well, keeping just the first few letters of each word would be an immense upgrade. Place this important bit of information where if someone broke into your home, they wouldn't find it or know what it is.
4. Double check your addresses
Most common loss of funds can be attributed to typos in wallet addresses. Always double check your addresses before you send, first few and last letters should be enough. Be careful as a common scam is a clipboard skimmer or keyboard tracker, keeping an eye on your addresses or changing them when you paste, sending over your funds to a hacker's address never to be seen again.
5. DYOR
Do your own research. This even goes for this post, everything I said shouldn't be taken at face value. You should always double check anything you hear or see, especially online. Don't buy any crypto or coins you don't believe in as they can lose their value over night. Don't use a unpopular exchange, they can easily be rug-pulls. Always go into something new thinking, "how do they make money of this" & "how much of a risk is this to me and my funds". Both of these questions always needs to have an answer or it's not worth the risk.
Those are the 10 steps I practice to keep me and my crypto safe online.
Neither have been compromised so far and hopefully this will keep you safe as well.