Security Guidance

Modified on: Tuesday, July 16, 2024

Security Awareness

At SMART VALOR, the security of our services is of the highest priority. Security and data privacy are built into our process, to ensure the trust of our customers and the security of their funds. That said, you also play an important role when it comes to securing your account and funds. This is why we’ve put together a helpful list of the best practices you can apply when accessing SMART VALOR, or any other exchange, from your device.

 

Keeping your SMART VALOR account and funds safe

There are multiple things you can do to increase the security of your account as well as certain habits to avoid. Here are some of them:

 

  • Always use your own device when accessing your account. Shared devices can be set up to access personal data, like tracking and collecting your login information.
  • Avoid using public WiFi networks and poorly-secured connections when using your account. These networks can be used to steal login credentials, credit/debit card numbers, and other sensitive personal information. 

If you have the time, feel free to read up on this topic. An easy to understand article that describes the risks and how exactly fraudulent actors could use public WiFi to steal your information can be found here: Android Authority*

  • Access to your API Keys allows other people to move funds and assets on your behalf. With API access permission, third-party apps or services can execute trades, diversify funds, and collect account data. Be sure to verify who has access to your account API Key (if you use it). Once you stopped using a service provider, remove their access. 
  • Always double-check your deposit and withdrawal details when sending funds. Avoid typing the transaction details manually as this is error-prone and could lead to loss of funds.

 

What security options does SMART VALOR provide me with?

You can enable some built-in security features for your account such as the Anti-Phishing code and 2FA. More on these can be found here: 

 

One-time passwords (OTP) are enabled by default for multiple different account actions. These OTPs are sent to you via email, so make sure that you have a secure email address that only you can access.

 

What else can I do to secure my account?

We recommend ensuring that the following things related to your account are secured and that you take additional steps to improve their security:

  • Email address and Email address password
  • SMART VALOR account password

 

We recommend using strong and unique passwords for all of your accounts. Password managers can greatly help with this, as they can help you generate, manage and store your passwords securely. Make sure to update your passwords every so often for added security.

When it comes to your email address, we highly recommend using a unique one for your SMART VALOR account. If this is not something you are willing to do, you can check out the following articles to make sure your email security is as high as possible: Reputation Defender*, Tech Safety*

 

What should I keep in mind when accessing SMART VALOR and VALOR PRIME products?

If you are logging into your SMART VALOR or VALOR PRIME account, or just generally accessing the SMART VALOR website, we recommend keeping an eye on the following things:

 

  • Make sure that you are on the correct website. Fraudulent actors have gotten increasingly good at pretending to be reputable companies and websites. Always double-check the links you’re about to click to see if they are legitimate.
  • Learn or bookmark the correct links to any platforms you are using.
  • If your SMART VALOR or VALOR PRIME account information is stored in a password manager, you can use the “Open and Fill” option, where available, to directly go to the correct place and log in securely.

Keeping your devices safe

Device safety is just as important as account safety. Here are some things you could do to keep your devices safe:

 

Install antivirus software on every device you use or enable the built-in antivirus of your Operating System (OS).

Microsoft Windows comes with the Windows Defender, which is free and relatively good at protecting your device. Macbooks generally offer good protection against viruses as well. That being said, installing programs from suspicious sources is not recommended. Always make sure that the files and applications which you are downloading and interacting with are secured. Always scan new downloads with your anti-virus or set it to do so automatically.

 

Keep your system and web browser up to date with the latest version and security updates.

Updates are annoying, we know, but keeping your device and browser up to date is important when it comes to security. Older versions of your OS might not have all of the needed security features to protect your device, or there could be exploits that have yet to be patched out. This puts you, your devices, and your personal information at risk.

 

Remove file and printer sharing on your computer if you do not need it.

It can be quite handy to be able to access files and printers on any device in your network, but this opens up the possibility for your device to be hacked or infected by an already compromised device or printer. This article shows how this feature could be used to compromise your device: MalwareBytes*

 

What else can I do to keep my device secure?

Here are some smaller things that have a big impact on your device safety:

  • Keep your devices on you at all times when taking them outside.
  • Locking your PC when getting up for a short time or leaving the room.
  • Backing up your important files.
  • Using 2FA/MFA on the device.
     

* Disclaimer: SMART VALOR is not affiliated with the creators of the articles we have listed and we don’t receive any monetary compensation from them. The articles linked, are simply there as supplementary material, as we have found the information in them helpful. Linking this additional information was done in order to provide you with as much information as we could, without increasing the size of our FAQ section or copying information from other platforms focused on these topics.
 

Social Media Security Awareness

At SMART VALOR, the security of our services is of the highest priority. Security and data privacy are built into our process, to ensure the trust of our customers and the security of their funds. That said, you also play an important role when it comes to securing your account and funds. This is especially true if you spend time on social media platforms. In this article, you will find best practices for staying safe when using these popular platforms.

 

Linkedin

 

Our LinkedIn page is a good place to stay up to date with news about SMART VALOR, as well as the most recent job openings we have. Be sure to check this page out if you’re interested in joining our team, we are always looking for great talent.

 

For additional security, consider changing the default privacy settings of your Linkedin account in the following way:

  • Where you’re signed in > Review for unknown devices (double checks that you recognize your signed-in sessions)
  • 2-Factor Authentication > Enable (adds an extra layer of account security)

Facebook

 

For additional security, consider changing the default security and privacy settings of your Facebook account to the following:

  • Use two-factor authentication > Enable (adds an extra layer of account security)
  • Get alerts on unrecognized logins > Enable (sends a push notification when there is an unknown login)
  • Encrypted notification emails > Enable
  • Save your login info > Disable (does not autofill your login credentials, which is especially important when using a shared device)
  • Where you're logged in > Review for unknown devices (double-checks your active sessions and where you are logged in)
  • Authorized logins > Review for unknown devices
  • Who can look you up using your e-mail? > Customize to your needs (changes the privacy settings for who can search for you using your email address)

Telegram

 

SMART VALOR team members will never initiate a conversation by sending you a private message. Official team members have a Staff or Admin label, which is visible when you chat with them or search them in the group.

 

For additional security, consider changing the default security and privacy settings for your Telegram account to the following:

  • Phone number > My contacts (only allows people in your contacts to see your number)
  • Calls > My contacts (only allows calls from people in your contact list)
  • Groups & channels > My contacts (only allows people in your contact list to add you to groups)
  • Passcode lock > On
  • Two-step verification > On (allows for an added layer of account security)
  • Devices > Review for unknown devices (double-checks that active sessions are only from devices that you are aware of)
  • Edit name > Type your unique display name
  • Set username > Type your unique username

Reddit

 

SMART VALOR staff and team members will never ask for your login credentials. If you are ever unsure about the authenticity of staff accounts, please email us.

 

For additional security, consider changing the default security and privacy settings of your Reddit (website version) account to the following:

  • Use two-factor authentication > On (adds an extra layer of account security)
  • Who can send you chat requests > Accounts older than 30 days (avoids spam and bot accounts)
  • Who can send you private messages > Nobody (avoids messages from unknown third parties)
  • Manage third-party app authorization > Review for unknown connections (reviews active sessions that you are aware of)

When in doubt, reach out to us.

 

If you suspect that someone is pretending to be a SMART VALOR employee to steal your funds or personal information, do not click on any links they provide. Additionally, do not respond to them, or provide them with any information about your account. Instead, confirm the sender’s identity by contacting us through the following official channels:

 

  • Our on-platform support chat
  • Send us an email to support@smartvalor.com

 

If you feel the need to and also have the time, feel free to also report the person reaching out to you if they are indeed a fraud.

 

 

Official Social Media Channels:

Data Privacy

At SMART VALOR, the security of our services is of the highest priority. Security and data privacy are built into our process, to ensure the trust of our customers and the security of their funds. We’re constantly working on improving these aspects on our platform.

 

As such, we believe that we have the obligation to share our best knowledge and good practices with our customers.

 

Regardless if you’re an experienced trader, a regular crypto-user, or at the start of your journey in the Cryptocurrency and Blockchain world, cybersecurity and Privacy threats are real and the same for everyone.

 

The most common bad habits

 

  • Your device or email password is the same as your SMART VALOR password.
  • Allowing others to access your SMART VALOR account, or not logging out from a 3rd party device.
  • Using the same email for multiple different financial services or exchanges. (Especially if they all share the same password)
  • Your 2FA/MFA app is installed on the same device you use to access your SMART VALOR account

 

DO’s and DONT’s

 

When it comes to your privacy and security, there’s not much room left for convenience. These are the priority aspects for which it is worth making compromises.

 

  • Use a unique email address to register an account. (Works best when paired with an anti-phishing code.)
  • Use strong and unique passwords (consider installing password management software)
  • With a password manager, you don’t have to remember multiple password combinations. Just make sure your master password is strong yet easy for you to remember.
  • Do not store passwords and logins in an unencrypted form
    Don't sacrifice security for momentary convenience. One cannot predict the exact timing for accidental device loss or an unauthorized, 3rd party access attempt.
  • Don’t store your 2FA recovery code on the same device you use to access your account.
  • Do not share credentials to your account with anyone.
    SMART VALOR and SMART VALOR employees would never reach out to you to request any login information, no matter what the form of communication used.

Contact with SMART VALOR

SMART VALOR offers its customers multiple communication channels through which you can reach us. As such it is important to know which ones are official, and of those official channels which are the most secure. Knowing what topics you can reach out to us about and where the best place to do that is can make your communication with us can increase your account security, ensure your data privacy is upheld, and also make talking with us a lot easier.

 

Email

 

Currently, our Customer Support is reachable via email at support@smartvalor.com for the SMART VALOR exchange and support@valorprime.com for the VALOR PRIME NFT platform. We recommend reaching out to us via email if you have a lot of questions that require answering so we can answer them all at once. Additionally, if you have a query that would require a lot of information to be provided to us or files to be sent then this would be a good choice as well.


In terms of security, reaching out to us via email is a good option. Additionally, you can always send us an email from our FAQ section, by clicking on the “New Support Ticket” button at the top of the page. This will allow you to fill out a ticket form and send us an email directly to our support line.

 

What should I watch out for when sending or receiving emails from SMART VALOR?

 

If you receive an email from us please always make sure that it comes from one of our official emails. Here is a list of the email addresses which you could receive an email from:

When sending us an email we recommend doing so to one of our support emails, depending on the platform you need help with.

Please note that platform emails (Notifications about logins, transactions, etc.) will also contain your Anti-Phishing code.


Chat

 

Another option for reaching out to us is through our on-platform chat. When you are on the SMART VALOR Website or the VALOR PRIME NFT marketplace you can find out Chat help widget at the bottom right corner of the page.

 

In terms of security, this option is also good as you can only access it from our platform and you are directly conversing with the SMART VALOR Support team.

 

What should I keep in mind when reaching out to you via chat?

 

As the chat can be accessed from the website, without being logged in, you can reach out to us as an anonymous customer. In such cases, we will be able to answer generic questions, but if you require help with your account or need answers to specific questions, we would require you to log in or send us an email from your email address.

How do I secure my account?

At SMART VALOR we take security very seriously and you can trust that your account and funds are safe with us. That being said, it is important that you take some steps to help us keep your account safe. Here are some of the things you can do to make this task easier.

 

How can my email address help here?

 

  • We recommend using an email address for your account that isn’t known by other people and has a strong and secure password.
  • Additional security, such as 2FA (2-Factor Authentication), for your email, would help keep your account secure.
  • Changing the password of the email you use for your Smart Valor account regularly.

 

What is Two-Factor Authentication (2FA)?

 

  • Enabling 2FA on your SMART VALOR account helps protect it from fraudulent actors.
  • Even if someone finds out your email and password, if they don’t have access to your phone, they can’t log into your account.
  • Save the Secret recovery key somewhere secure, even if you lose your 2FA access. you can reset it when needed.

 

What would help make my password better?

 

  • Using a long, unique, and strong password makes it harder for someone else to find or guess it.
  • Password manager software can ensure that you never forget your password, as well as help you generate a truly strong password.
  • Changing your password every 2-3 months is a good way to ensure it stays uncompromised.

 

For more information on the security features, we offer you can head over to our Security articles here: Security

Alternatively, you can head over to our Security section to learn more about account security and security awareness tips from our team.

 

Disclaimer: No member of the SMART VALOR team would contact you to request any login credentials. Never communicate your password or 2FA information to anyone. For all questions and concerns about your account and the platform, please first contact our Support channels via the on-platform chat, or by sending an email to support@smartvalor.com

Multi-Factor Authentication with a TOTP

What is Two Factor Authentication?

 

Two-factor authentication (also referred to as 2 Factor Authentication or Multi-factor authentication), abbreviated as 2FA or MFA is a security feature that allows you to increase your account security. This is an additional layer of security on top of your regular password. When enabled, you are required not only to provide your password on login, but also the randomly generated, unique, and constantly changing security code linked to your account.

 

What do I need to use 2FA?

 

To use 2FA on any platform, you need to first install an authenticator application on your device or mobile phone. This application should be installed from the official application distribution platform of your device. (Microsoft Store, Google Playstore, Apple Appstore, etc.) We recommend using authentication software from trusted companies such as Google Authenticator, Authy, or Microsoft Authenticator.

 

How to enable 2FA on my SMART VALOR account?

 

In order to enable 2FA on your account you need to perform the following steps:

  1. Log into your account and navigate to the Profile settings page. ( This can be found at the top-right corner of the dashboard)
  2. Navigate to Settings > Security
  3. Under Two-factor authentication click the “Enable” button
  4. Follow the instructions that the platform provides
  5. Save your secret recovery key in a secure location
  6. Enter your account password and verification code on your authenticator to fully enable the 2FA

 

Important notice:

Please make sure to save your recovery key as it is the only way for you to redo the setup of the Authentication in case of device loss or resetting. We strongly recommend saving the code on a trusted password manager or offline device that never connects to the internet.

 

We highly recommend using your 2FA Authenticator on a secure device that is password protected and accessible only to you. If you have the possibility to, please use a second device that is never connected to the internet or data services.

 

How can I reset my 2FA if I have lost my recovery key?

 

Please reach out to our Customer Support in order to remove the 2FA from your account. Please note that this will require you to reverify yourself upon login due to security reasons.

I received an unexpected "new login" email. Should I be concerned?

If you have received an email notifying a successful new login from SMART VALOR and this wasn't you, it means somebody has gained access to your login credentials and has signed in using them.

 

If your account was properly set up, you should already have 2FA enabled. In such case, if only the password would be compromised, it would be impossible for the person to gain access to your dashboard. However, if both factors (password and 2FA authentication codes) are compromised, then there is a risk of misuse of your account.

 

In any case, to ensure that your account is not further compromised and misused, immediately change your account password to a new and unique one, and update your 2FA settings.

 

Check also if you received any additional emails with regards to further activities on your account.

 

In case of any doubt, shortly contact SMART VALOR support for any relevant information regarding the suspected login.

 

Why did the SMART VALOR platform log me out?

At SMART VALOR, the security of our services is of the highest priority. Security and data privacy are built into our process, to ensure the trust of our customers and the security of their funds. Due to this, we have implemented certain security features. One such feature is that the platform may log you out automatically for the following reasons:

 

Account Inactivity

 

If you were logged in to your SMART VALOR account without inactivity for a reasonably long time, you will be logged out. This is implemented as a security measure to prevent your account from getting compromised. If you suspect that your account has been compromised, please change your password immediately and contact SMART VALOR support (support@smartvalor.com).

 

Change of IP address

 

You could also be logged out of an active session if we find that your IP address changes mid-session. This could be either because you logged in from a different browser or a different computer. Another reason why this could happen is if you are using a VPN to access the internet. 

 

 

Disclaimer: If you are logged out of an active session for reasons other than the above, please write to support@smartvalor.com

Popular Cryptocurrency Frauds

Why are the Aged People Particularly Vulnerable?

 

The elderly are particularly vulnerable to cryptocurrency fraud for several reasons:

  • Lack of Familiarity with the Internet: Many elderly individuals are not well-versed in the nuances of internet use, making them easy targets for online scams.
  • Trusting Nature: Older adults tend to be more trusting, making them more susceptible to deceitful schemes.

 

How Do Fraudsters Contact Victims?

 

Fraudsters commonly initiate contact via:

  • Phone Calls: Calls from unknown or internationally registered numbers.
  • Fake Emails: Email addresses like smart.valor-de@hotmail.com are fake because they are created on a public domain hotmail.com.  Anyone can create such an email. A real email from Smart Valor always ends with @smartvalor.com
  • Fake Support Agents: Fake support agents may appear to assist victims. To avoid falling for this only use the email or chat support on the official platform.
  • Fake Identities: Some known aliases include: Daniel Klein (sometimes David Klein), Michael Strauss, LC-markt investing company. There are likely other fake identities as well.

 

How Do Fraudsters Set Up Accounts?

 

Scammers often offer assistance in setting up accounts, both on exchanges and self-hosted wallets. Key risks include:

  • Loss of Control: Victims may not even have their passwords and 2FA records, which are stored by the fraudster.
  • Remote Access: Victims provide a 4-digit code for remote access to their computer, compromising security of all data. As a result, victims do not receive warning emails because the criminals quickly delete them.

 

Dangers of Screen Sharing

 

Sharing your screen during the setup of a self-hosted wallet like Exodus or Atomic Wallet is extremely risky. Fraudsters can:

  • Save Passwords and Login Data: Access sensitive information.
  • Steal Seed Phrases: With a 12-word seed phrase, fraudsters can sign transactions and transfer funds to their own wallet, resulting in permanent loss of access to the victim’s funds.

 

What Promises Do Fraudsters Make?

 

Fraudsters often promise unrealistically high profits to lure victims. Here are some key points to consider:

  • Volatility of Crypto: Cryptocurrency markets are highly volatile. While some individuals may make significant profits, these opportunities are rare and involve deep research. Despite this, success is not guaranteed.
  • False Promises: If an opportunity to make quick, significant money arises, it is unlikely that someone would share it freely with others.

 

In reality, average investors make small, realistic long-term profits through methods like holding or staking.

 

Why is Urgency a Red Flag?

 

Fraudsters often create a sense of urgency to pressure victims into making hasty decisions. This tactic prevents victims from:

  • Reviewing the Project: Rushing leads to insufficient time for proper due diligence.
  • Thinking Logically: The urgency causes confusion and impulsive actions, making it easier for fraudsters to deceive.

 

Fake Token Transactions

 

Victims often make several transactions and see apparent profits that are, in reality, fake tokens or profits. Fake tokens are fraudulent cryptocurrencies designed to deceive investors. Anyone can create a token and give it any name, often mimicking popular tokens. Use tools like price charts and block explorers to verify a token’s legitimacy.

Once the victim deposits the legitimate cryptocurrency requested by the scammers, it is immediately withdrawn since the scammers have access to the victim's 12-word seed phrase. The victim is then left with a wallet containing fake cryptocurrencies which cannot be withdrawn or sold. Meanwhile, the scammers escape with the real crypto, leaving the victim with worthless assets.

 

Common Fraud Stories

 

Some typical scenarios include:

  • Recovery Scams: After experiencing losses, a person gets an offer with help to recover lost funds for free.
  • Initial Investment: An advisor proposes an investment opportunity. After showing 'successful' profits after utilizing a smaller amount, like 250 EUR, the victim is asked to create and verify an account at an exchange to make further transactions.

 

Conclusion

 

Always exercise caution when dealing with cryptocurrency investments. Be skeptical of high-profit promises, avoid urgent decisions, and never share sensitive information or provide remote access to your devices. Stay informed and vigilant to protect yourself from fraud.