Security guide

Bitcoin, as a technology, is extremely secure but sometimes the way we use it is unsafe.

Hackers and scammers are always looking to take your bitcoins because bitcoin transfers are irreversible. With a few simple precautions, you can keep your account and your bitcoin safe.  

Here are some of the ways to secure your account:

1. Have a strong password.

When creating a password, use both upper and lower case letters, as well as numbers and special characters. Also, use different passwords for different online or social media accounts to keep the hackers off your back. 

2. Don't use the same password for your email and your Paxful account.

It is very important to have different passwords for your email and your Paxful account. This is because hackers usually target your emails. All email domains have different levels of security. In the worst-case scenario, once hackers gain access to your email, they will be able to access the funds in your Paxful wallet. 

3. Never share your password.

As obvious as it may sound, there are cases when users are forced to give away their passwords. For instance, scammers may impersonate Paxful administrators and request you to share your account details. Please remember that Paxful staff and representatives will never ask for your password or other sensitive account information.

Also, if you happen to be in a trade dispute and you are asked by our moderators to provide a screenshot or a video as proof, make sure that your passwords cannot be seen on those files.

4. Configure security questions.

It is a fundamental part of building up your account’s security. You must set your security questions as soon as possible. It can be easily done from your account settings. It is important to memorize the security questions that you set and the answers to them as well. So pick questions and answers that you will never forget. It would be unwise to write them down somewhere because they are just as important as your password if not more.

5. Enable two-factor authentication.

Two-factor authentication adds an additional layer of security to your account.  Using Authy or Google Authenticator is recommended over using SMS as hackers have a tactic called “SIM swapping” through which they can get a hold of your SMS messages. Receiving SMS also depends on the network provider and can be intermittent in some countries or regions and during times of high cellular activity. You can activate 2FA in your account settings. You can also check our guides for setting up Authy and Google Authenticator.

6. Keep your email information safe.

Protect your email address linked to your Paxful account and never share it with someone you don't know, during trades or private chats. Hackers can target your email to get access to your account or to your personal information.

7. Verify your account. 

Verifying your phone number and email will not only indicate you’re a safe trade partner but verifying your account with further identity documents will also help you to restore access to your account should you lose access to it.

Useful links:
Where to verify my phone and email?
Where to verify my ID?
Phone verification guide
Email verification guide
ID verification guide
Address verification guide

8. Avoid phishing scams. 

There are different ways scammers can try to attack you: impersonating websites, sending you fake emails and SMS, sharing suspicious and malicious links in trade chats.

We as a service provider are constantly improving our security levels. However, we cannot protect you completely without some effort from you as well.

  • Always make sure to check the domain address you are visiting.

Check your address bar https://paxful.com before entering your account details. HTTPS SSL certificate is important.

  • Do not interact with suspicious emails. It is best to not even open emails that look suspicious to you.

Do not give away sensitive data or click on suspicious links. For additional information see: I received a suspicious email. Is it from Paxful?

  • Be wary of unexpected SMS messages from unfamiliar senders.

Paxful sends you SMS only with security codes related to 2FA and phone verification.

  • Be mindful of trade chat conversations.

You must not share contact information in trade chats as scammers can try to cheat you on off-site trades, try to impersonate you or show that you had traded with them off-escrow. Do not provide any personal information, unless it was clearly mentioned in the offer terms or instructions. 

Do not click unknown links in the trade chat. Ideally, avoid trades that require using third-party links completely.

9. Don't try to buy a Paxful account from someone else.

Most likely, the seller is trying to cheat you and get into the account after you load coins into it. Furthermore, this is a violation of Paxful Terms of Service and such accounts will be banned.

10. Force devices and apps to log out.

Simply locking the screen of your PC or smartphone is not safe enough. It may always happen that you lose your device or use a public PC which may give additional opportunities to people with malicious intent. It is a good practice to log out of the Paxful app or platform at the end of your session, especially while using public devices that others may have access to.

11. Keep your browser and operating system up to date.

Hackers constantly find new methods to go around existing security levels. This is why browsers and operating systems are constantly improved by developers and get updates regularly. So it is important to install these updates on your machine and ensure that your browser is always up to date. At the same time, do not download unnecessary software from untrusted developers.

12. Keep your Endpoint Security software up to date. (Antivirus, antimalware, personal firewall)

We suggest you use officially licensed versions of security software on your machines.  Remember that this software also requires frequent updates and maintenance. 

13. Try to avoid the usage of public Wi-Fi hotspots.

There are numerous technical ways for hackers to misuse wi-fi hotspots. Ideally, use a wired connection or a protected wi-fi network.

The points listed above are the most important. However, there is more to learn on the subject of online security. Read more on the topics of online security, identity protection, and so on, and implement the latest recommendations and best practices that you come across.

Articles in this section