A list of things you should be aware of to protect yourself from attackers when using a hardware wallet.
- Always set up / generate your seed yourself. If the device comes preloaded with a seed, reset the device with a new seed. Consider contacting the manufacturer and ask for a new device.
- Once you have set up your seed and created a physical back up, send a small amount to your wallet. After that, wipe your device completely and then restore it using your seed backup. Once restored, verify that the small amount is still in your wallet, then verify that you can send those funds. This will confirm that you recorded the back up correctly.
- When opening a new device, make sure the tamper resistant seal has not been tampered with.
- Before sending a bitcoin transaction to your hardware wallet, always verify the address on the hardware wallet screen itself.
- Never give your seed to anyone.
- Never type your seed into a computer. Only type it into the hardware wallet itself.
- Never put your seed remotely near the internet (cloud services, gmail drafts, etc)
- Use a dedicated computer only for accessing this hardware wallet. IE: Don't use your general purpose laptop if possible.
- Download Eletrum or Specter and verify that you've downloaded them correctly.
- Always purchase directly from the manufacturer. Not from eBay.
- When copying and pasting bitcoin addresses on your computer, be sure that you are pasting the exact same address as you copied.
- Think. Don't panic. Before giving ANY information to anyone or downloading ANYTHING. Scammers will try to make you panic into downloading updates, or divulging your seed. Don't rush. Don't panic.