Skip to main content

How can I make my account more secure?

Webot Support
Updated

Webot takes extensive security measures to ensure your account and cryptocurrency investment remain as safe as possible, but ultimately, security is a shared responsibility. Here are some actionable steps that you can take to help safeguard your investment and keep your account safe from unauthorized access.

Use a strong password

Use a password that is long, random, and unique to your Webot account. Never use the same password twice across your online accounts! To make it easy, here is the password reset guide to strengthen your password now.

We also recommend using a password manager like 1Password, or Dashlane to easily generate and securely store unique passwords for all your online accounts. 

If you don't want a password manager, use a passphrase (a sentence or group of four or more words) for your account. However, be careful and do not choose a phrase from a book or a movie as hackers have access to sophisticated databases of such quotes.

Important: Never disclose your password to anyone. Webot employees will NEVER ask for your password.

Use the strongest form of 2-step verification 

You can greatly reduce the chances of your account being compromised by using a mobile authenticator app, such as Google Authenticator.

Google Authenticator can be enabled in your account’s security settings. If you need help enabling these features, please review this support article outlining the necessary steps. To add an extra layer of security to your account, you should also consider enabling 2-step verification for all cryptocurrency sends. This feature can also be enabled in your account’s security settings.

Suppose you don’t own a smartphone and are restricted to receiving your 2-step verification codes via text. In that case, you should follow the steps in the section “Lock Down Your Mobile Account” to reduce the likelihood that you will suffer a SIM swap or phone port attack.

Secure your email

Your email is one of the most important connections between you and your Webot account. We use your email to confirm new devices, send you important alerts about your account, and communicate with you if you need support. Please make sure it is secure!

For starters, visit https://haveibeenpwned.com/ to see whether or not your email address has ever been compromised in a third-party data breach. If so, we recommend changing any passwords associated with that email address. You should also enable 2-step verification on your email account as well.

As an additional security precaution, you should conduct a periodic security review of your email account and settings as well:

  1. Check your email account for unusual rules, filters, or forwarding addresses.

  2. Check your email account settings for authorized devices you do not recognize.

  3. Check for unauthorized recovery emails or phone numbers added to the account.

For those who feel like they may be at risk of targeted account takeover attempts, check out Google’s Advanced Protection Program.

Lock down your mobile account

A SIM-swap or phone port attack occurs when an attacker transfers their target’s phone number to a mobile device under the attacker’s control. Fraudsters can do this through various means, including identity theft and socially engineering mobile carrier customer support representatives. This attack threatens all accounts using SMS-based 2-step verification and any account that can be recovered using phone-based authentication.

To help protect yourself against this type of attack, please complete the following:

  1. Call your mobile service provider and tell them you’d like to place a port freeze and SIM lock on your account.

  2. Ask them to create an account note requiring you to be in-store with a valid photo ID to port or transfer your phone number to a new device.

  3. Ask them to add or enable a PIN to be used when making changes to your account.

  4. Inquire about other security measures you can enable on your mobile account to prevent unauthorized changes.

Even if you don't use SMS-based 2-step verification, you should protect your mobile device by enabling a screen lock. This will help prevent thieves from accessing your Webot account and email if your phone is stolen.

Keep your devices clean and updated

While many types of malware can infect a device, a few, in particular, can be especially worrisome. Keyloggersremote access trojans (RATs), and cookie-stealing malware can all steal your sign-in credentials and gain unauthorized access to your accounts. 

To protect your devices from these types of threats, consider the following:

  • Utilize anti-virus protection and scan your device regularly. You should also be updating your virus signatures as often as possible to stay ahead of new threats.

  • Keep your device updated with the most recent operating system and security updates.

  • Keep your web browser and all other software updated with their latest versions.

  • Uninstall all questionable or unnecessary pieces of software from your device, especially tools that allow remote access.

  • Install an ad blocker like uBlock Origin in your browser to help protect you from malicious ads.

  • Practice safe web browsing habits and never click suspicious links or download programs.

  • Please don't install and use browser plug-ins or add-ons developed by unknown third parties.

  • You can use a screen lock and password to access your device.

Protect your cloud storage accounts

Many people who use smartphones often use cloud storage accounts such as Google Drive or iCloud to create backups of the data saved on their mobile devices. This data often includes messages, contacts, emails, apps, photos, etc. Suppose an attacker gains access to your cloud storage account and restores the device backup onto a device in their control. In that case, they will have vast information to help them compromise your various online accounts. Do not underestimate the power of an attacker with access to this information!

Luckily, you can easily secure and protect your cloud storage accounts by following a few basic guidelines we’ve already covered:

  1. Create a strong password! Preferably using a password manager.

  2. Secure it with the strongest form of 2-step verification available.

  3. Protect your email account.

Or, if you want to completely avoid the risk of an attacker being able to back up your mobile device data, you can disable backups altogether in your cloud’s account settings.

Bookmark Webot

Bookmark https://www.webot.com/ in your browser and only use this link to access Webot. If you ever receive any text messages or emails about your Webot account, always use the bookmark to navigate to your Webot account.

Stay alert for phishing

If you are unsure what phishing is, please take a few minutes to read our article about phishing here.

If you receive a message appearing to have been sent by Webot, and you believe it is suspicious, you can always forward it to service@webot.com to verify its authenticity.

Utilize the Address Book and Allowlisting Feature

Allowlisting is an Address Book feature allowing users to add and store any number of crypto addresses, making sending crypto to those you know and trust easier and safer. Users can:

  • Add a crypto address for any of the supported cryptocurrencies

  • Assign a nickname to the address

  • Save new addresses to the Address Book after withdrawing crypto to an unknown address

Allowlisting is a security feature in the Address Book that allows crypto withdrawals to only go to addresses (external or Webot) already designated in your Address Book. Requiring 2-step verification to enable/disable the feature, the feature allows users to withdraw to verified addresses more safely. Users can:

  • Enable or disable this feature within the Address Book

  • Continue to add new addresses to the Address Book

  • Withdraw crypto only to addresses saved in the Address Book

Practice due diligence

Please always do your best when installing software or applications on your device to access your Webot account. Additionally, you should research when allowing third-party applications to access your account. Avoid installing software from unknown or otherwise shady sources. This includes “free” or cracked versions of commercial software. Browser plugins can also be risky to install. Ensure you always install browser plugins from your browser's official browser plugin repository.

On another note, it is common practice for scammers to impersonate Webot and Webot support on social media. Before engaging with anyone claiming to be Webot on social media, please check if it is one of our official accounts. If not, please immediately send the link to the impersonation account to service@webot.com.

Contact Customer Support

If at any time you have an account security concern or question, please do not hesitate to contact Webot Support. Only contact Webot using the information listed in this contact support article. Fake customer support numbers and websites are a constant threat—please be very cautious with any information you find via forums, social media, and Google Ads.

As a rule of thumb, remember that Webot staff will never:

  • Ask for your password, 2-step verification codes, or email access

  • Ask you to install remote sign-in or remote support software on your computer

  • Ask you to send money to resolve issues with your account

If anyone claiming to be associated with Webot Support requests this information or calls you directly, please cease all communication and immediately contact us.

We hope this information helps you take your account security to the next level. If you have an appetite for more security-related content, check out some of the latest blog posts published by members of our security team here: Privacy and Security

Related articles

Comments

0 comments

Article is closed for comments.