Cookie Finance Security Check 🔐

At Cookie Finance we continuously investigate new forms of malicious behavior in the cryptocurrency world.

It is our goal to protect our users from attacks or other activities that may lead to a loss of funds or investment.

This article will touch on general Wallet & Password security as well as some Windows-specific guidance to protect you and your funds.

Wallets & Passwords

Having a strong wallet and password combination is critical to your long-term security.

An intelligent crypto-investor will not keep passwords or private keys in notepads (.txt, Stickynote, etc) nor in word composition softwares (Word, Docs, Gmail, etc).

Avoid keeping confidential information for your accounts in any web location, or any computer connected to the internet.

Keys stored in easy-to-find locations, in formats without encryption are considered low-hanging fruit for the aspiring hacker — they will be picked if the reward is sweet enough.

Everyone at this point should have an old laptop that has refused to die; disable the wifi and use it in conjunction with a USB drive to keep your keys and passwords safe and in a hard to reach spot.

Remember, redundancy is incredibly important. Never keep all of your eggs in one basket. There is nothing wrong with writing down your keys and passwords and storing on paper in a secure location.

There are also many popular hardware options for safe and secure methods to store keys privately offline, including the Ledger and Trezor.

Researching these two will undoubtedly reveal many solutions for hardware and software key storage.

Just today Binance tweeted 7 easy steps to improve your Binance & Wallet Account Security.

TLDR; this article included guidance on:

  • Password Strength
  • Enabling Two-Factor Authentication (2FA)
  • Using Universal 2nd Factor (U2F)

An additional article will be needed on U2F, however there are many popular 2FA options for both mobile and desktop applications.

Check out Authy & Google Authenticator if your browser and phone do not have 2FA enabled.

Browser Security

Many of us use a combination of Metamask and Binance in various browsers and environments.

With regards to browser security it is important to have additional safeguards enabled to protect you from various forms of web-attacks.

Check out uBlock Origin and AdblockPlus for web-plugins for your specific browser:

These plugins reduce the connections established to your browser and stop countless forms of malicious attacks. Do not stop at native browser security, using any form of updated plugin will help protect your browser and wallet.

Targeted Attacks

Targeted attacks can come in all forms. DMs from users pretending to be admins, DMs from scammers attempting to get you to click on links, imitation websites and exchanges.

You must be highly scrutinizing of all links that you click.

Recently, an old exploit has been revived which includes hiding Executable files (Trojans) in common or misnamed file types.

Screensaver (SCR/.scr) files are being being used to send executable files that can relinquish control of your Metamask wallet.

An example of a Google Drive link that may hide an .scr executable in a file with an image filename.

-Do not click on any random links sent to you on telegram.

-Do not download any files from people that you do not know.

-Make sure you check the file extensions of files you download.

You may have file extensions hidden by default (on Windows). Windows is good at making you think you are viewing the real extensions, but you are probably not.


(Mac users can follow these instructions.)

Navigate to This PC and go over one tab at the top to “View”.

From the View tab, you will click the Options button at the far right.

The drop menu will have an option for “Change folder and search options”.

You will want to again navigate over to the “View” tab, and below will be an option for “Hide extensions for known file types”.

You will want to make sure this is unchecked so that you are always seeing a non-filtered version of filetypes.

Go look in your Downloads, Documents, Desktop, Pictures — you may be surprised by what you find. Lets hope you aren't.

Message @JBJFourier on Telegram if you see something weird, he will help you.

Wallet Allowances

Lastly, we will quickly speak about Metamask wallet allowances.

If you navigate to one of the following websites, you will find your Metamask BSC wallet allowances:

Once you have connected your Metamask wallet, you will see a list of sites. You will most likely see ApeSwap, PancakeSwap, and many others.

Token Approvals on Binance Smart Chain for the given wallet.

These are sites that you have allowed to act on your behalf during your transactions.

Go ahead and remove any that you don’t need any more. They are not necessary and we want to reduce the exposure of our accounts.

Alright everyone, this article has gotten a little bit too long. I will try to have a monthly or bi-weekly security review to keep us apprised to BSC network security and best practices.🍪



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Cookie Finance

Cookie Finance


Secure & Sustainable DeFi Solutions #BSC🔥 #DeFi📈 #Insurance☂️ #CookieDeFi🍪