So you are your own bank now

Good morning/evening
 
It seems that not a day goes by without hearing about a scam or hack or someone you know has had their wallet drained and with the Coinbase data leak, I am sure more people will have issues in the near future. We have had the recent Sui /Cetus hack where flaws in their smart contract were exploited by an attacker sending fake tokens that had no real market value. These spoof tokens tricked the protocol into thinking they were legitimate assets. Once accepted, the attacker used them to manipulate price data, effectively skewing the system into overvaluing the tokens.
This manipulation allowed the attacker to drain the liquidity pools, the critical reserves that allow decentralized exchanges to function. By trading their fake tokens for real ones, they escaped with legitimate assets, leaving Cetus and the Sui ecosystem in chaos.
 
It feels great to think we are our own bank, decentralization is amazing and you feel empowered but it can also be a bit scary. If something goes wrong it is on us, no one else. If you do not have a hardware wallet then you should really consider getting one, but here is a brief run down of some types of wallets.
 

 
While I was thinking about regulation of crypto and KYC and so on, I did think about 'other alternatives'. Some of these may not be legit and would need time to be thoroughly researched before I would even consider using them.
 
Hot wallets
These are wallets connected to the internet, apps like MetaMask, Phantom and Trust Wallet. They are super convenient for trading, staking, and clicking on mysterious airdrop links at 2 a.m.(only joking, don't do this....ever)
The Good:

• Easy to use
• Instant access to DeFi and NFTs
• Works well with browser dApps

The Bad:

• Constantly exposed to hacks
• Vulnerable to phishing and malware
• One wrong click, and poof—gone

Think of it like carrying thousands in cash… in your unlocked glove compartment.
 
Cold Wallets
Hardware wallets like ledger, Trezor and Tangem store your keys offline. Unless someone physically steals the device and guesses your PIN, they’re out of luck.
The Good:

• Immune to online hacks
• Ideal for long-term HODLing
• Can sign transactions without exposing keys

The Bad:

• Lose it, and you’re done
• Some setups are not as 'idiot proof' as advertised
• Recent firmware hacks prove it’s not perfect

Using a cold wallet is like owning your own vault. Just make sure you keep your seed phrase safe.
 
Exchange wallets
These are wallets hosted by exchanges or platforms like Kucoin, Coinbase or Binance. You don’t own the keys, the platform does and we have all heard the words, not your keys, not your cheese.
The Good:

• No seed phrase to lose
• Easy account recovery
• Great for beginners

The Bad:

• If the exchange goes down, so does your crypto (see: Mt. Gox, FTX)
• Subject to withdrawal limits, freezes, and 'maintenance' which will most likely occur as you are trying to buy the dip, or cash out!
• Basically a bank

When you use a custodial wallet, you're trusting someone else not to screw it up and in crypto that’s a big ask.
 
I do use all 3 types of wallet, yes I know and someone I think very highly of describes CEXs as public toilets, do your business and leave. ( I love this analogy).
There are a load of scams to be aware of, here are a few.
 
Fake wallet apps
 
You search for 'MetaMask' in the app store. You download the top result. Except it’s not MetaMask it’s 'MetaMasq' by a developer named VladCrypto123.
You install it, create a wallet, and boom, your crypto is drained before you can say 'rug pull'.
 Tip Only download from official sites. Bookmark them. Don’t trust app stores blindly!
 
Phishing Dapps and Airdrops
 
That Twitter airdrop you saw looks legit. Everyone’s claiming it. All it asks is to 'connect wallet.' Seems harmless, right? Wrong. You just signed a malicious smart contract that gave a scammer full control. Congratulations, you just donated to the Web3 version of a Nigerian prince.
 Tip Use a burner wallet for untrusted dApps. Never sign contracts unless you know what you are signing. In fact, never click on any Twitter link!
 
Support scams
You post a question in a crypto Discord, and you instantly receive a load of private messages offering help. When I used to help with newbies and setting up Helium it was always public, why would it need to be a private DM? It is because they do not want to help you, just help themselves when they casually say they need your seed phrase! NEVER SHARE YOUR SEED PHRASE, yes I shouted that because nobody should share it with anyone. 
Tip There is no support, well not that will call or email you first to 'help' you because your wallet is compromised.
 
.
Paranoia
 
A small dose of paranoia is not a bad thing if it makes you think twice. If you think you have a dodgy email, delete it (you can tell the sender's address without clicking on it, but sometimes it is only 1 letter that is different). Tiredness, yep we have all been there, your tired, that project your following has said there is an airdrop but you have 24 hours to claim, just click here, well don't and if you do by mistake, hopefully your using a burner wallet and realise as soon as you click it is a scam so then you revoke all permissions.
 
 

• Use a hardware wallet for significant holdings
• Don’t store seed phrases digitally—use pen and paper or a metal seed plate
• Bookmark official websites and always triple-check URLs
• Never click links in unsolicited DMs or emails
• Use separate wallets for daily use vs. storage
• Regularly update wallet software
• Enable 2FA where possible 
• Test with small amounts before making big transactions

 
So yes, your wallet can be safe. But only if you are careful, skeptical, and slightly paranoid. In this ecosystem, trust no one and verify everything or you could be one click away from a very expensive life lesson.
 
My thoughts
 
At times it can feel scary but all you can do is try and be careful what you click on or approve, revoke permissions and be vigilant. Run scans on your laptop, consider a VPN. I have clicked on a scam link when it was late, I was tired and I thought I was going to miss out, luckily it was a burner wallet and as soon as I clicked it and realised it was not right I revoked all access straight away, it is easily done. Is it all worth it, yes most definitely.
 
As always, thank you for reading and please feel free to comment and share your thoughts.