While CoinZoom takes extensive security measures to ensure your account is as safe as possible, there are some additional steps that we strongly recommend you take to help protect your account from unauthorized access.
In addition to the steps below that you can take, CoinZoom protects your funds by using a strategy for hot, warm, and cold wallets that makes it more difficult for unauthorized access. Hot wallets allow crypto to be sent from CoinZoom to an external wallet. A small percentage of all available funds are kept in this wallet at any one time, which reduces your risk. Warm wallets allow crypto to be received into CoinZoom from an external wallet, but it is transferred to the cold wallet and not allowed to accumulate. The cold wallet, where most of the CoinZoom funds reside, is offline and requires CoinZoom to manually transfer crypto in and out of it. All the transactions between wallets happen securely in the background without you needing to do anything.
Only contact CoinZoom through the Customer Support portal at support.coinzoom.com. Fake customer service numbers and pages are on the increase — please be careful to verify any information you find via forums, social media and google adverts.
You may disable your account at any time using the disable links in password reset, transaction confirmation and device confirmation e-mails.
Use a complex and unique password that is not shared nor similar to those used on any other websites. These guidelines provide some information about what makes a strong password. It's also a good idea to change your password periodically (about every 3 months) and use a completely new password each time. Using a password manager such as 1Password or LastPass makes this easy to manage.
Also, never disclose your password to anyone. A CoinZoom employee will NEVER ask for your password.
Take advantage of the 2FA service, Google Authenticator.
If your email provider offers this functionality, consider adding 2FA to the email address you use to log in to CoinZoom. Do not use VOIP, Google Voice, or other phone providers that send you 2FA messages via email to the address you use to log in to CoinZoom.
If you use SMS 2FA codes, call your mobile provider and add additional protections to your account. For example, request a PIN or password for your account, ask for a port freeze and SIM lock (so attackers can’t move your phone number to a new carrier). If your carrier doesn’t support these added protections, consider changing to a carrier that does.
Your email address is one of the most important connections between you and your CoinZoom account! Make sure it is secure! Use this website: https://haveibeenpwned.com to see whether your email address has ever been compromised in a 3rd party data breach. If it has been, and you need to use a new email address, see the instructions in this article: Change my Email Address.
Do not use the same password on your email account that you do on your CoinZoom account. If your email provider offers it, activate 2FA on your email account to add an extra layer of security.
Be aware of Phishing
Be on the lookout for emails pretending to be from CoinZoom (you may have heard this called “phishing”). This is the most common way customers are compromised. Bookmark important websites (CoinZoom, email, banks, etc) and only visit those sites from those bookmarks. Avoid clicking links or opening attachments in emails. CoinZoom will never ask for your password, 2FA or remote access to your computer.
Bookmark trade.CoinZoom.com in your browser, and only ever use this link to access the website. Be sure to check for the "lock" symbol appearing in your browser's address bar when you access CoinZoom which indicates that your connection is secure. If this symbol is not present, double check the URL.
You can check the IP login activity and verified devices on your account anytime by logging in and going to Settings -> Activity Log. This report is only available on the web or Pro apps.