We want to make sure that all of our users know how to use ShapeShift securely. Check out these security best practices that can help protect your assets when using ShapeShift.
Don't Click Through Links
One of the most important tips from our crypto security experts:
NEVER CLICK LINKS that are sent to you!
Do not follow e-mail links or links sent from Slack or Telegram. Bookmark https://shapeshift.com/ or carefully type in the address every time you visit.
Don't Click Google Ads
Ads at the top of search results pages have been a common tactic to try to trick users into visiting false websites. This may be a legitimate ShapeShift ad, but verify that the page you land on is actually https://shapeshift.com/. If it's not, leave the site immediately.
Verify the URL
Look very closely at the URL before you send funds to any deposit address. Some websites try to create fake copies of ShapeShift to get funds deposited to these fake sites. Check the URL for misspellings, symbols, or anything that looks suspicious.
If the URL is typed correctly in your web browser, it will read: HTTPS. HTTPS is used for protecting page authenticity & to keep web browsing private. Learn more about HTTPS here.
Check out this video to learn a little more about how SSL works with HTTPS.
A Note From ShapeShift
We're aware of fraudulent phishing sites that pretend to be ShapeShift in order to attempt theft. Unfortunately, this has become increasingly common in this space and we have to be vigilant to protect ourselves.
We engage with a brand protection vendor to take these kinds of threatening sites down. This is one of the many precautions we take to protect our users.