When I teach wallet safety in community workshops, I do not start with the concept of threat modelling. I start with a story: someone I know lost access to their Bitcoin because they did not write down their recovery phrase. It was not a lot of Bitcoin. But it was their Bitcoin, and it is gone. That story lands because it is real, it is relatable, and it makes the abstract concept of security concrete.
This guide documents the specific threat models I use in workshops, adapted for the realities that new Bitcoin users in African and emerging market communities actually face. These are not the threat models you find in cybersecurity textbooks. They are the threats that show up in real life.
Threat Model 1: Phone Loss or Theft
The scenario: Your phone is stolen at a market. Or you drop it and it breaks. Or it falls in water. The phone is gone and you cannot access your wallet app.
Why it matters most: In communities where we work, phone theft is common. It is not an edge case. It is the most likely threat most new users will face.
The protection:
- Write down your recovery phrase on paper and store it in a secure location at home
- Do not store the recovery phrase as a photo, note, or message on the phone itself
- Set a PIN or biometric lock on the wallet app separate from the phone’s lock screen
- Know how to restore your wallet on a new device before you need to
The teaching moment: In workshops, I ask participants: “If your phone was stolen right now, could you get your Bitcoin back?” Most people who have not written down their recovery phrase realise the answer is no. That realisation is the most effective motivator for proper backup.
Our beginner wallet checklist includes step-by-step backup instructions.
Threat Model 2: Recovery Phrase Exposure
The scenario: Someone finds, photographs, or otherwise copies your recovery phrase. They can now access your wallet from any device and take everything in it.
Why it matters: The recovery phrase is the single most sensitive piece of information in Bitcoin self-custody. Anyone who has your recovery phrase has your Bitcoin.
The protection:
- Never share your recovery phrase with anyone, including wallet support, community educators, or friends
- Never type it into a website, message, or email
- Store it in a location only you or a trusted family member can access
- If you suspect someone has seen your phrase, create a new wallet and transfer your funds immediately
Common mistakes in our communities:
- Storing the phrase in a WhatsApp message to themselves
- Taking a screenshot and leaving it in the phone’s photo gallery
- Sharing it with a helpful friend who offered to keep a copy
- Writing it in a notebook that sits openly on a table
The teaching moment: I demonstrate in workshops what someone can do with a recovery phrase by restoring a test wallet with a known phrase. Seeing how easy it is to access a wallet from a different phone makes the risk visceral.
Threat Model 3: Social Engineering and Scams
The scenario: Someone contacts you claiming to be from your wallet provider, a community leader, or a Bitcoin investment opportunity. They ask for your recovery phrase, ask you to send Bitcoin to verify your account, or promise to multiply your Bitcoin.
Why it matters: Bitcoin scams targeting new users are persistent and increasingly sophisticated. In communities where Bitcoin education is new, people may not yet have developed the scepticism needed to identify scams.
Common scam patterns:
- “Send us 0.001 BTC and we will send you 0.01 BTC back” — multiplication scams
- “Your wallet has been compromised, give us your recovery phrase to secure it” — phishing
- “Invest with us for guaranteed 50% monthly returns” — Ponzi schemes
- “I am a facilitator from [organisation], I need to verify your wallet” — impersonation
The protection:
- No legitimate service will ever ask for your recovery phrase
- No one can multiply your Bitcoin. If it sounds too good to be true, it is a scam.
- Verify any unexpected contact through a separate channel before responding
- If you are unsure, ask a trusted community educator before taking action
The teaching moment: I share real examples of scam messages (with identifying details removed) in workshops. Participants are better at spotting scams when they have seen examples.
Threat Model 4: Custodial Service Failure
The scenario: You keep your Bitcoin in a custodial wallet or exchange. The service shuts down, gets hacked, or freezes your account. You cannot access your Bitcoin.
Why it matters: Many new users start with custodial services because they are simpler. But custodial services introduce counterparty risk: you are trusting a company to safeguard your funds.
Historical examples:
- Multiple exchanges worldwide have been hacked, resulting in user fund losses
- Exchanges have frozen user accounts due to regulatory action
- Custodial wallet services have shut down with insufficient notice for users to withdraw
The protection:
- Understand the difference between custodial and non-custodial wallets
- If using a custodial service, do not keep more Bitcoin there than you can afford to lose
- Regularly withdraw from custodial services to your own non-custodial wallet
- Check whether the service has a track record, is based in a reputable jurisdiction, and has transparent policies
The teaching moment: I ask participants: “Who has control of your Bitcoin right now? You, or a company?” This question clarifies the custody model immediately.
Threat Model 5: Incorrect Transaction
The scenario: You send Bitcoin to the wrong address, send the wrong amount, or the transaction goes to an address that nobody controls. Bitcoin transactions are irreversible. There is no customer support to reverse the transaction.
Why it matters: New users who are accustomed to mobile money, where customer support can sometimes reverse transactions, may not fully understand that Bitcoin sends are final.
The protection:
- Always verify the recipient address before confirming a transaction
- For large amounts, send a small test transaction first
- Use QR codes rather than manually typing addresses
- Double-check the amount before confirming
The teaching moment: I emphasise that Bitcoin transactions are like handing someone cash. Once you hand it over, you cannot take it back. This analogy helps people from cash-heavy economies understand finality.
Threat Model 6: Physical Coercion
The scenario: Someone physically threatens you to transfer your Bitcoin. Unlike cash in a safe that might not be accessible, a Bitcoin wallet on your phone can be used immediately under duress.
Why it matters: In some contexts, carrying a phone with a visible Bitcoin wallet balance can create personal safety risk. This is especially relevant in communities where street crime includes phone-based extortion.
The protection:
- Do not display large Bitcoin balances in public
- Consider using a wallet with a hidden or secondary balance feature
- Keep only small amounts on your daily-use wallet and larger amounts in a separate, less accessible wallet
- Do not discuss your Bitcoin holdings in public or on social media
The teaching moment: This topic requires sensitivity. I raise it not to scare participants but to ensure they think about personal safety as part of financial safety. The Bitcoin safety guide covers operational security in more detail.
How I Structure Workshop Safety Sessions
A typical wallet safety session in a community workshop follows this structure:
- Story opening. A real example of someone who lost Bitcoin due to a preventable mistake. This establishes why safety matters.
- Threat walk-through. Cover each relevant threat model with a scenario, a protection, and a question to the group. Not all threats are equally relevant to all communities; adapt based on context.
- Hands-on practice. Participants write down their recovery phrase, set up a wallet PIN, and practise restoring a wallet (using a test wallet).
- Scam recognition exercise. Show real scam messages and ask participants to identify the red flags.
- Questions and discussion. Open the floor for questions. The questions that surface here often reveal threat models specific to the local community that the facilitator had not considered.
Common Questions
Is a custodial wallet safe enough for small amounts? For learning and for amounts equivalent to a few dollars, a reputable custodial wallet is acceptable. For larger amounts or long-term holding, non-custodial is strongly recommended.
What if I forget where I put my recovery phrase? Search thoroughly. If you cannot find it, create a new wallet, transfer your funds from the old wallet while you still have access, write down the new recovery phrase, and store it securely.
Should I use a hardware wallet? For new users holding small amounts, a hardware wallet is unnecessary complexity. As holdings grow, a hardware wallet becomes more appropriate. The priority for new users is mastering recovery phrase management.
How often should I back up my wallet? Your recovery phrase backup only needs to be created once per wallet. It does not change. However, verify periodically that your backup is still intact and readable.
Conclusion
Wallet safety for new users is not about paranoia. It is about building simple habits that protect against the most likely threats: phone loss, recovery phrase exposure, social engineering, custodial failures, transaction errors, and physical security. Each threat has a straightforward protection, and each protection can be taught in a workshop setting.
The goal is not to make people afraid of Bitcoin. It is to make them confident that they know how to use it safely. That confidence, built on real understanding rather than vague reassurance, is what turns curious participants into competent users.