I wanted to share a lesson I've learned in the hard way.
Yesterday I logged on to my myetherwallet and was surprised to see it EMPTY!
A day before it had 87 ETH and 2,000 PAY
I then went into my 'transaction history' and found 3 outgoing transactions, about 14hrs ago to a wallet which I don't know. I searched the wallet in google and saw many comments like 'give me my money back' on it's etherscan chat page.
By then I was sure, I will never get my 100 ether back.
This is the address's history of the thief, you can see that he is still getting assets into his wallet:
His address is: 0xe4fa5149306B12D51DC0D04e5e95bC9704ccAAd7
A bit more investigation,
Went to my google chrome history and found out that I accidentally logged on this phishing site -
***** DON'T LOG ON****** SCAM
MyEtherWallet: Open-Source & Client-Side Ether Wallet
myetherwallet.com.ethpromonodes.com
***** DON'T LOG ON****** SCAM
Instead of the original myetherwallet webpage.
The rest you can guess by yourself.. I logged to the thief's site with my login file and password, not much later, the thief logged on to my wallet with my file and password and withdrew all my tokens from it.
My thoughts
At first, the feeling of getting robbed is hard. Much harder then losing your tokens if the market falls.
After a little time, I thought that this was a really good lesson for me. I have lost about 15-20% of my cryptos budjet. I'm sure my budget will grow back in the near future. I really believe that a lesson learned the hard way is a lesson I won't forget.
Then, I turned my thought into what I did wrong and what I will do better in the future:
Don't log into your wallet if you don't have to. It will just add up to the risk of you doing something wrong.
*** I logged to my wallet too many times just to see my balace.
Make a CEREMONY from logging into your wallet:
- Add your risky webpages to your favorites bar (after you check for the corect url)- never log in in a different way:
*** I was aware of the phishing site's scam attemts, I checked the address every time I logged in, this address started the same
- When you check the url- CHECK THE WHOLE URL
*** This phishing site has the exact same beggining as myetherwallet.com only they have added their extension after it.
Cold storage
Keep the majority of your assets on a cold storage, you can use Trezor or elseDon't download to your computer any software you are not 100% sure about.
I love blockchain and I am excited about whats going on in this great new technology
This technology has great advantages of decentralization and not needing a middleman. This ability of really owning your assets demands GREAT RESPONSABILITY.
I will be happy if my lesson will be the communitie's lesson also.
PLEASE SHARE IT
AND PLEASE COMMENT FOR MORE IDEAS OF HOW TO KEEP YOUR FUNDS THE SAFEST.