Casa Blog - Bitcoin Security Made Easy

In this article we’ll touch on how to prevent some of the biggest mistakes people often make when it comes to owning bitcoin.

Nobody’s a perfect bitcoin owner. Even the most distinguished bitcoiners will probably tell you they’ve made a laundry list of mistakes before getting where they are today.

We’ve made a short list of some of the most common mistakes we see bitcoin owners (especially new ones) make and how to prevent them.

Disclaimer: This article is NOT financial or investment advice. We are not providing an investment recommendation or claiming that bitcoin will give you a financial return. Bitcoin is a technology marvel, and these tips should help you think about how/when/why to engage with it.

Mistake #1: Waiting too long to own bitcoin

Two of the most common questions we see bitcoin beginners ask are:

1) “Is now a good time to buy bitcoin?”
2) “When is the best time to buy bitcoin?”

Our overly simplistic but valid answers will always be:

1) “Yes.”
2) “Yesterday.”

Most of the time those questions come from people looking to turn a quick profit on a bitcoin investment. To those people, market analysis might actually matter, despite how unreliable it is in the first place. In those that stand behind bitcoin technology for more than potential monetary profitability, however, a more optimistic and long-term outlook is present. To these people, bitcoin wins in the long run.

Here are three tips to prevent this mistake:

1. Do your own research.

This tip isn’t unique to bitcoin. You should always question your information sources and perform due diligence when deciding whether it’s a good time for you to own bitcoin personally.

You probably shouldn’t base your decision off an answer from the U.S. Treasury or r/bitcoin. In other words, never ask a barber if you need a haircut. Instead, make an informed decision based on your financial situation, knowledge of current events, and your knowledge of and belief in bitcoin.

Here’s an open source, curated list of reputable bitcoin resources to learn from!

2. If you have nothing, buying a small chunk can be a good idea.

Bitcoin’s controlled supply is part of what makes it so valuable. There will only ever be slightly less than 21 million bitcoins, and once they’re mined, it will get even harder to become an owner of one. Given its rarity and potential technology impact, having no ownership of bitcoin is a bad idea.

In his recent thesis titled “The Case for a Small Allocation to Bitcoin,” Wences Casares says:

“In my (subjective) opinion the chances of Bitcoin failing are at least 20%. But after 10 years of working well without interruption, with more than 60 million holders, adding more than 1 million new holders per month and moving more than $1 billion per day worldwide, it has a good chance of succeeding. In my (subjective) opinion those chances of succeeding are at least 50%. If Bitcoin does succeed, 1 Bitcoin may be worth more than $1 million in 7 to 10 years.”

3. Dollar-cost averaging

Bitcoin is a highly volatile asset. Anyone who’s been in the space for a while now is probably familiar with the #rekt memes pointing the finger at people who made a large investment in bitcoin right before a steep downturn in price.

It can be a little easier on your wallet (and your psyche) to buy the same amount of bitcoin at regular intervals, regardless of its price. This is known as dollar-cost averaging, and it can soften the blow of short-term volatility while helping to prevent you from panic-buying or investing more than you can afford to lose.

Mistake #2: Keeping your funds on an exchange

If a visit to CryptoSec’s Documented Timeline of Exchange Hacks isn’t enough to scare you away from custodial solutions, perhaps nothing will. Since 2011, over $1.8 billion in funds have been stolen as the result of successful exchange hacks; that figure does not include the value of stolen user data or any undisclosed fund loss.

There are serious security concerns in leaving your funds on an exchange, and hacks are just the tip of the iceberg. As long as an exchange has your private keys, anything that happens out of your control is, well...out of your control. “Not your keys, not your bitcoin,” isn’t said as often as it is just because it’s catchy. Exchanges have been linked to exit scams, single points of failure, and hordes of phishing scams.

Holding your own keys can be daunting at first, but Casa App makes it incredibly easy to do so with confidence. Everything about the Casa App is designed to be user-friendly for a seamless experience, from the moment you withdraw your bitcoin from an exchange until it’s safe and sound in your multisig setup.

There’s a Casa App solution for every need and price point, ranging from 2-of-3 Basic Multisig for beginners holding less than $100k, and up to the 3-of-5 Key Shield system for maximum security. No matter what level you choose, your keys are just that—yours.

Mistake #3: Falling for scams

As technology becomes more sophisticated, so do the methods used by malicious actors to take advantage of you. The most important step in prevention is to first educate yourself about the types of scams. Simply being aware of a malicious actor’s goal will help you notice the red flags when they come. Here are just a few of the most common scams newcomers fall victim to:

Free bitcoin!

Here’s another (necessary) cliché for you: if it sounds too good to be true, it probably is. People claiming they’ll give you free bitcoin in return for your personal info, private keys, a small deposit, etc. aren’t just looking to donate their bitcoin. Rather, they’re looking for you to “donate” yours—all of it—directly into their wallet. And then they’ll disappear and you’ll never hear from them again. This type of scam happens a lot on Twitter and Reddit. If someone DMs you promising free bitcoin or a specific return on your investment, it’s best to report the user for spam/fraud.


Phishing may be the most common scam due to its relatively low barrier to entry for scammers and overall success rate. It most often comes in the form of emails and websites that mimic the actual services you may use. The most immediate red flag is usually some sort of call to action—e.g., an email telling you to reset your password or a website asking you to download software. Always question calls to action and, if in doubt, double-check by reaching out to the company via the contact information on their site or by getting a third-party opinion.


Malware can be especially dangerous since users often don’t know it’s present until it’s too late. Malware is usually designed to act when users are inactive, and will steal passwords needed to access sensitive information such as credit card, bank account, and social security numbers. If you aren’t using multisig and your bitcoin wallet is connected to the Internet, malware can be used to access and siphon your funds before you know what hit you. Be extremely cautious about the software you download, emails you interact with, and links you click.

When it comes to scams, it’s easy to feel like it’s more about avoidance than prevention, but that doesn’t have to be the case.

Check out our guide on 7 ways to level up your bitcoin OpSec to help put yourself in the best going-forward position possible.

Bitcoin ownership is a learning process, and here are our key tips for preventing mistakes:

  • Do your own research and decide when the best time for you to invest is.
  • Holding your own keys is the only way to ensure the safety of your funds.
  • Educate yourself and make the proper precautions to avoid becoming the next scam victim.

Have an addition to the list? Send us a tweet @CasaHODL.

Casa is here to help

In every Casa membership plan, members receive world-class support designed to help you prevent and recover from any mistake.

Casa Gold members have access to expedited email support for troubleshooting and key recovery signing.

Casa Platinum and Diamond members receive direct access to a personal client advisor. Your advisor is on call 24/7 to help you through any security concern you may have—physical or cyber.

Email today to speak with a client advisor and get a free demo of our 3-of-5 multisig.