You have complete control over the information you share on NVSTly and any other platform or website. Consider what you're sharing and ask yourself, "Is this sensitive? Can it be used to build a profile on me that I don't want someone to know about?" or "Can this information be used to access any of my accounts with social engineering or other means?" Our security and encryption methods help prevent compromising incidents, but it's crucial for individuals to follow best practices to keep their sensitive personal information safe and secure. Here are some guidelines and best practices for protecting your personal data, which is crucial in the finance industry.
Guidelines & Best Practices
Create strong passwords
Use a combination of lower & upper-case letters, numbers, and symbols. You also shouldn't be using the same password across all your platform or website accounts. You can use a password manager to help you store passwords so you don't forget them.
Enable 2FA authentication
Enable 2FA in the Login & Security section within Account Settings. Two-factor authentication makes it extremely hard for attackers to access an account it's enabled on. 2FA uses a one-time password generated every 30 seconds This will be a 6-digit code sent to Google's authentication app on your mobile device, or done through your password manager.
Don't over share on social media or chat platforms
You already know not to post or share your address, drivers' license or identification card, social security number, credit card number, or other forms of identification. But you may be sharing sensitive information without realizing it, such as your birth year, hometown, or phone number. If you're on Twitter, consider setting your tweets to private so only approved followers can see what you're sharing.
Tip: Even a pet's name could be the answer to security questions you have set to recover an account.
Links, Phishing, Scammers, & Impersonators
Phishing is a method attackers use to steal personal information or account login details by sending emails or creating fraudulent replicas of websites. They can send emails and spoof the address so it looks like it's coming from the genuine email address. Check your browser address bar to ensure the URL name is correct. Phishing sites will even use clever domains like payp.al or subtle mispellings of the legit URL address. Be cautious of links you receive from emails or someone you don't know, and always check if a website you don't know is reputable or legit. Protect yourself from imposters by always confirming with the company with whom they work that they are actually an employee or representative.
In our Discord and other chat platforms, scammers create accounts, making them identical to the user they are trying to impersonate, with the same username ,avatar, and bio. We will never send you a direct message first, and on the slight chance we do, verify the account by checking the Discord server to see if their usertag (username#0000) or user ID matches, and that they have the proper roles. Some imposters use clever tricks in their bio to make it look like they have roles, but you will never see roles in a user's bio outside of their server bio. 99% of the DMs you receive from people you don't know who usually share our or another trading-related server as the mutual server messages are scams. Any DM's regarding giveaways are 100% scams. These are typically bitcoin or other crypto giveaway messages where you sign in to claim it and connect it to your crypto wallet, but instead your assets are stolen.
To learn more about protecting yourself on Discord against scammers, refer to this blog article: https://nvstly.com/blog/Scam-Defense-Prevention-on-Discord-872870
Wi-Fi Security & Mobile Devices
Public Wi-Fi is less secure than your private network because you don't know who set it up or who else is connected to it. Can the Wi-Fi provider be trusted? If available, it's better to use your mobile device as a hotspot instead. Always use HTTPS on public Wi-Fi. Internet browsers like Google Chrome will warn you when attempting to connect to an HTTP address by labeling it "Not Secure."
Don't give away too much information. If you are required to sign-up to use a public Wi-Fi with an email or phone number, then make sure it's from a place you can trust. Make sure to limit AirDrop or file sharing when on a public connection. Using a VPN is the most effective way to stay safe on a public Wi-Fi. It encrypts your data traveling to and from your device and puts you on a secure server, making it harder for others on the network or its operator to see your activity or details.
Enable remote location and device wiping so if your phone is lost or stolen, you can wipe sensitive information. You should also disable Bluetooth when you're not using it. Lock & set a passcode to enter your phone.
Tip: Did you know that your fingerprint could be lifted off an object and be used to unlock your phone?
These are just the most basic and practical guidelines and practices you should follow to help protect your personal information & data. You can look up guides to check out what other methods or practices are helpful to your information staying secure. If you receive any suspicious messages from users in our Discord, please report them by using the !report command or by using the #help channel and pinging a moderator or staff member.
