Owning cryptocurrency isn't quite the Wild West experience it was at the beginning of the decade, but investors still face plenty of instability and risk. The threats aren't just abstract or theoretical; new scams crop up, and old ones resurge, all the time. Whether it's a fake wallet set up to trick users, a phishing attempt to steal private cryptographic keys, or even fake cryptocurrency schemes, there’s something to watch out for at every turn.

Cryptocurrencies can feel secure, because they decentralize and often anonymize digital transactions. They also validate everything on public, tamper-resistant blockchains. But those measures don't make cryptocurrencies any less susceptible to the types of simple, time-honored scams grifters have relied on in other venues. Just this week, scams have arisen that divert funds from users' mining rigs to malicious wallets, because victims forgot to change default login credentials. Search engine phishing scams that tout malicious trading sites over legitimate exchanges have also spiked. And a trojan called CryptoShuffler has stolen thousands of dollars by lurking on computers, and spying on Bitcoin wallet addresses that land in copy/paste clipboards.

A few simple steps, though, can help cryptocurrency proponents—be it Bitcoin or Monero or anything between—guard against a swath of common attacks. Just as you might keep your cash out of plain sight, or stash your jewelry in a safe deposit box, it pays to put a little effort into how you manage your cryptocurrency. The following won't defend against every conceivable attack on your digital doubloons, but it's a good place to start.

Cold, Hard (Digital) Cash

A key step to protecting your cryptocurrency is to store anything of significant value in a hardware wallet—a physical device, like a USB drive, that stores your private keys and currency locally, and isn’t connected to the internet. Experts caution against storing large amounts of coins through cryptocurrency exchanges, or in digital wallet apps on your smartphone or computer. The public-facing internet offers an attacker too many inroads to attempt to infiltrate your wallet, or trick you into giving them access.

Secure hardware wallets like Trezor or the Ledger Nano S cost about $100 or less and have a straightforward setup. You just choose a PIN number and a recovery "seed" (usually a set of words and numbers) in case you forget your PIN, or your wallet malfunctions. It's pretty robust security, so make sure you keep copies of your PIN and seed somewhere accessible to you, but not to home intruders. Recovering currency stored on a hardware wallet after losing both the PIN and the seed is a whole thing. Emin Gun Sirer, a distributed systems and cryptography researcher at Cornell University, goes so far as to suggest that you should "keep a backup of the seed key in a fireproof safe." This stuff is for real.

Your setup also doesn't have to be fancy; you can store backups of your coins on any external storage device, like a portable hard drive. Just make sure to encrypt the data in case the device is lost or stolen. You might even consider making a backup to leave in a safe deposit box.

Big Spender

The downside to a hardware wallet is that it makes approving transactions a bit cumbersome. If you want more fluid access to your cryptocurrency, experts suggest storing a small amount in a wallet app to facilitate low-value transactions. The key here: Only keep an amount you would be willing to lose in the app, and never give anyone your private key.

Apps like Mycelium Wallet that are interoperable with popular hardware wallets can make your setup more seamless. And some app-based options like Samourai Wallet are working to prioritize robust encryption and privacy features. Still, don't trust any app with too much cryptocash right now.