Hi,
After the MyEtherWallet phishing-attack some people are concerned using MyEtherWallet.
In the following guide I'd like to show some methods to protect yourself from being a victim of a phising attack.
Some general advice:- Always make sure to keep the devices you're using to log in to MEW are free from malware.
- Instead of using your private-key directly (which is unencrypted and doesn't require any further authentication like a password) you should always use your keystore-file which is encrypted and requires a password to gain full access*
- Only log in to your MEW if you're planning to do a transaction... Otherwise you can check your balance by using your public-key as authentication-method ('View' > 'View w/ Address Only'). Another way to check your balance are
Etherscan and
Ethplorer.
As you may already know, MEW ist just an user-interface to the ETH-blockchain - your funds are connected to your private-key and not to MEW itself - you could just use your private-key to access your wallet by using other interfaces.
One of the easiest ways to prevent getting redirected to a phishing-website due to DNS-hijacking is just completely eliminating DNS-related stuff by using the local version of MEW. By doing so we've got our security in our own hands without any possible 3rd party vulnerabilities.
(! This doesn't protect from malware on your local machine !)Check out this guide on how to run MEW locally:[SECURITY] Running MyEtherWallet locallySigning your transactions on another (offline) computer also increases your security as your private-key never gets in touch with the internet.
Here's a guide about offline transactions:Making offline transactions on MyEtherWallet*In case you're storing bigger equivalents of money, you should really get yourself a hardware-wallet like the Ledger Nano S or Trezor.By the way - you may want to check this out:
Increase your internet-speed and your privacy by using Cloudflare's new DNSBest regards,
Nestade
i always using MEW extension in chrome, so from there we can just entering our password to have an access.
So our keystore file and private key is completely safe.
Also it saved in chrome chace so it doesn't need long time to load