How to Secure Your CoinList Account and Avoid Scams

At CoinList, we invest heavily in the safety and security of our customers and their accounts. However, no amount of protection on our end can make up for inadequate personal security.

As the popularity of crypto climbed over the past years, so too did the number of scams and phishing attempts associated with various crypto products. According to a recent analysis by Certik, the crypto industry lost $1.8 billion to security incidents in 2023. As more and more people try to understand crypto, scammers may attempt to blend into the scene with claims that may seem plausible to the untrained eye.

At CoinList, we’ve seen an increase in the number of websites and social media accounts impersonating CoinList and engaging in phishing attempts. Given that people do fall victim to these scams sometimes, we wanted to take this opportunity to educate customers on the importance of securing your CoinList account and provide some tips to help you identify scams and remain secure.

1. Secure your CoinList account

Ensure you create a robust password for your CoinList account, ideally one that includes a mix of upper and lower case letters, numbers, and special characters, and is at least 12 characters long to enhance security. It is imperative that this password is unique to CoinList and not used in other places. CoinList requires 2FA to perform certain actions on the platform, such as placing trades or depositing/withdrawing funds. Make sure you securely save your backup codes as these can be used to log into your CoinList account if you are experiencing issues with your authenticator app.

Do not share your CoinList account credentials with anyone. CoinList will never ask you to share your login credentials with us, nor will we ask you to share any 2FA codes in order to access your account. If someone asks you for any of this information, do not share it.

If you believe your account has been compromised, please submit a ticket through our support portal and one of our agents will secure your account until such time that we are able to reconfirm your identity and assist you in regaining access to your account.

2. Secure your email

Create and use a strong password for your email address. This should be different from your CoinList login credentials or any other accounts you have. When possible, you should add 2FA on your email account specifically through an app such as Google Authenticator or Duo Mobile instead of via phone/text message. Using an app is more secure than an SMS text message confirmation as a method of authenticating your account upon log-in.

3. Secure your device

To secure your computer, you should run antivirus scans periodically on your device and regularly update the web browser and operating systems on all your devices to the most recent versions. Do not share your device with anyone.

To protect your phone, contact your carrier and ask them to place a SIM lock on your account. The method of implementing a SIM lock can differ among carriers. By adopting specific security measures, it may be possible to block SIM swap or port-out requests and limit account changes exclusively to in-person visits. For further assistance and detailed information regarding these security measures, please reach out to your telecommunications provider.

4. Avoid scams on social media

CoinList will never ask you to send funds via social media or to an external wallet. All transactions occurring on CoinList will only ever be completed through our official website: coinlist.co. Do not send funds to any person asking you to send funds via social media to an unknown wallet.

CoinList only uses social media as a way to keep in touch with our customers, not as a channel to address specific customer support needs. Please submit a ticket through our support portal if you have a support issue that CoinList can help you address.

5. Protect Against SIM-Swap Attacks and Data Breaches

In addition to the security practices already mentioned, we recommend the following actions to help protect against sophisticated threats like SIM-swaps and data breaches.

SIM-Swap Attacks:

A SIM-swap is an attack where a scammer manages to gain control of your phone number by convincing your telecom provider to switch your number to a SIM card in their control. This can give SIM-swap attackers access to your text messages and potentially bypass SMS-based two-factor authentication (2FA). Attackers might bypass any protection related to your e-mail and other accounts.

To prevent this from happening, you can:

  1. Contact Your Telecommunication Provider: Reach out to your telecommunication provider and inquire about preventive measures against SIM-swap attacks. Some providers offer additional security options, such as requiring a passcode for any SIM change requests.
  2. Consider Alternative 2FA Methods: Where possible, use authentication methods that are not SMS-based, such as authenticator apps (e.g., Google Authenticator, Authy) for a higher level of security. At CoinList, we encourage users to protect their accounts with an authenticator app of their selection and not an SMS-based 2FA method.

Data Breaches:

Data breaches are unfortunately common across the web, and your email or other personal information could be compromised without your knowledge. To stay informed and proactive:

  1. Use Security Checkup Tools: Regularly check websites like Have I Been Pwned to see if your email or passwords have been part of any data breach.
  2. Change Compromised Credentials: If you find that your information has been compromised in a breach, change your passwords immediately, and consider using a password manager to generate and store complex passwords.
  3. Stay Alert for Suspicious Activities: Keep an eye on unsolicited emails or messages that ask for personal information or direct you to suspicious websites.

By taking these additional precautions, you can significantly enhance the security of your CoinList account and your overall digital presence. Remember, staying informed and vigilant is your first line of defense against cyber threats.

The official CoinList social media channels are:

CoinList takes fraud seriously. If you think you have been a victim of a scam, please let us know by submitting a ticket through our support portal. While we may not be able to assist you in recovering assets, we will take steps to try to prevent other members of our community from being scammed. Thank you for being part of the CoinList community.


Legal notice

This post is being distributed by Amalgamated Token Services Inc., dba “CoinList,” or one of its subsidiaries. CoinList does not provide—and this post shall not be construed as—investment, legal or tax advice. This blog post and use of the CoinList website is subject to certain disclosures, restrictions and risks, available here and here.

The information provided in this blog post is meant to offer general guidance on identifying scams and enhancing account security. However, it does not guarantee absolute security. Users are responsible for implementing security measures based on their individual circumstances. The digital landscape evolves, and threats may change over time. CoinList shall not be held liable for any damages resulting from the use or misuse of the information provided. For personalized advice, consider consulting with a cybersecurity professional. By reading and implementing these tips, you acknowledge and accept these disclaimers. CoinList encourages users to stay informed about cybersecurity best practices.