How to buy crypto safely — wallets, exchanges, and the mistakes beginners make

Buying cryptocurrency is easy. Buying it safely — and storing it correctly — is where most beginners go wrong. The complete practical guide: exchanges, wallets, custody, and the seven mistakes that cost people money.

₿ Series 2 · Crypto & Blockchain · W1 · Friday
Crypto & Blockchain · Foundations

Buying cryptocurrency takes five minutes. Buying it safely — and storing it correctly — takes understanding. Most beginners skip that part. Here is everything you need before you spend a single euro.

Lucas Buffett · March 27, 2026 · 9 min · ★☆☆ Foundations

Brian Armstrong — CEO of Coinbase and one of the architects of retail crypto access — built his company around a single insight: the UX barrier was the biggest obstacle to adoption. Over a decade later, the barrier to buying crypto has essentially disappeared. The barrier to buying it safely has not.

Brian Armstrong (@brian_armstrong), Mar 5, 2025:
We built Coinbase because buying Bitcoin should be as easy as buying a stock. The UX barrier was the biggest obstacle to crypto adoption in 2012. It still is. Every time we reduce friction, we bring millions of new people into the ecosystem.

Source: @brian_armstrong on X · #Crypto #Coinbase #Adoption #Bitcoin

Cameron Winklevoss (@cameron), Jan 18, 2024:
There are two types of crypto investors: those who control their keys and those who trust someone else to. The second group learned a brutal lesson in 2022. FTX, Celsius, BlockFi. Three companies. Hundreds of thousands of customers. Billions in losses. Not your keys, not your coins — this is not ideology. It is risk management.

Source: @cameron on X · #Bitcoin #SelfCustody #NotYourKeys #FTX

Step 1 — Choose your exchange

An exchange is a marketplace where you buy, sell, and (temporarily) store cryptocurrency. Not all exchanges are equal. The differences that matter most: regulatory status, security track record, available assets, fee structure, and withdrawal options.

| Exchange | Regulated | Best for | Key note |
|---|---|---|---|
| Coinbase | ✓ US/EU | Beginners, institutional, US investors. Listed on NASDAQ. | Higher fees but strongest compliance. FDIC-insured USD balances. |
| Kraken | ✓ US/EU | Intermediate users, staking, lower fees than Coinbase. | Never hacked. Strong security track record since 2011. |
| Gemini | ✓ US — NYDFS licensed | Compliance-focused investors, institutional, custody. | Founded by @cameron and @tyler Winklevoss. Strong regulatory position. |
| Binance | ~ Partial | Advanced users, widest asset selection, lowest fees. | Regulatory issues in multiple jurisdictions. Not recommended for beginners. |

Tyler Winklevoss (@tyler), Feb 14, 2025:
Gemini was built to be the most trusted and regulated crypto exchange in the world. We believe that strong compliance and strong crypto are not opposites — they are the only sustainable path to mainstream adoption. The future of finance requires both.

Source: @tyler on X · #Gemini #Crypto #Regulation #Bitcoin

Coinbase (@coinbase), Apr 8, 2024:
With the approval of spot Bitcoin ETFs, institutional adoption has entered a new phase. BlackRock's IBIT, our custody partner, crossed $50 billion in AUM in record time. The infrastructure for mainstream crypto adoption is now in place.

Source: @coinbase on X · #Bitcoin #ETF #BlackRock #Crypto #Institutional

Step 2 — Set up your account correctly

1. Enable 2FA with an authenticator app — not SMS
SMS 2FA is vulnerable to SIM-swapping attacks — criminals persuade your carrier to transfer your number to their SIM. Use Google Authenticator or Authy instead. Never rely on SMS for crypto accounts.

2. Use a dedicated email address
Create a separate email address used exclusively for your crypto exchange accounts. This limits phishing attack surfaces and prevents cross-service credential exposure.

3. Complete KYC fully and accurately
All regulated exchanges require identity verification (KYC). Do not skip or falsify it. Incomplete KYC leads to withdrawal limits or account freezes at the worst possible moment — when prices are moving.

4. Set withdrawal whitelist addresses
Most exchanges allow you to whitelist specific wallet addresses for withdrawals. If you enable this, even if an attacker gains access to your account, they cannot withdraw to an address you have not pre-approved.

Step 3 — Move to self-custody for meaningful amounts

Once you have purchased cryptocurrency, the safest long-term storage is a hardware wallet. The rule of thumb: any amount you would be upset to lose overnight should not be on an exchange.

⚠️ The seven mistakes that cost beginners money

1. Storing crypto on an exchange long-term. Exchanges are counterparties. They can be hacked, go bankrupt, or freeze withdrawals. FTX, Celsius, BlockFi — all failed within months of each other in 2022.

2. Losing the seed phrase. The seed phrase IS your wallet. Photograph it or store it digitally and anyone who reaches that copy controls your funds; lose it and your crypto is permanently inaccessible.

3. Buying on FOMO. The moments of maximum media coverage of crypto are historically close to local tops. The best time to buy is when nobody is talking about it.

4. Using SMS 2FA. SIM-swap attacks are the most common vector for exchange account takeovers. Always use an authenticator app.

5. Sending to the wrong address. Crypto transactions are irreversible. Always double-check the first and last 6 characters of any address. Send a small test amount first on large transfers.

6. Ignoring fees. Gas fees, trading spreads, withdrawal fees, and FX conversion costs can significantly impact small purchases. Always calculate the all-in cost before buying.

7. Not reporting for tax purposes. In Italy and across the EU, crypto gains are taxable. Keeping no records of your transactions is a mistake that compounds with time and becomes very expensive at the wrong moment.

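
The address check from mistake 5, combined with the withdrawal whitelist from Step 2, as an added example that is not part of the original article. It goes beyond the first-and-last-6 comparison by also verifying the Base58Check checksum of a legacy Bitcoin address and requiring an exact match with a pre-approved address. The sample address is the publicly known Bitcoin genesis-block address; the function names are hypothetical, and bech32 (bc1...) addresses are out of scope.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Sample data: the well-known genesis-block address, and a constructed copy
# with one character changed in the middle (first/last 6 stay identical).
GENESIS = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
TYPO = GENESIS[:9] + "R" + GENESIS[10:]


def base58check_ok(addr: str) -> bool:
    """True if addr decodes to 25 bytes whose last 4 are a valid checksum."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:          # 0, O, I and l are not in the alphabet
            return False
        n = n * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))   # each leading '1' is a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:       # version byte + 20-byte hash + 4-byte checksum
        return False
    payload, checksum = raw[:-4], raw[-4:]
    digest = hashlib.sha256(hashlib.sha256(payload).digest()).digest()
    return digest[:4] == checksum


def check_destination(pasted: str, approved: str) -> dict:
    """Compare a pasted address with one pre-approved address."""
    pasted = pasted.strip()
    return {
        "checksum_ok": base58check_ok(pasted),
        "ends_match": pasted[:6] == approved[:6] and pasted[-6:] == approved[-6:],
        "exact_match": pasted == approved,
    }


def safe_to_send(pasted: str, allowlist: list) -> bool:
    """Allow a withdrawal only to a checksum-valid, exactly matching address."""
    pasted = pasted.strip()
    return base58check_ok(pasted) and pasted in allowlist


if __name__ == "__main__":
    for candidate in (GENESIS, TYPO):
        print(candidate, check_destination(candidate, GENESIS),
              "send" if safe_to_send(candidate, [GENESIS]) else "STOP")
```

The constructed copy passes a first-and-last-6 glance but fails both the checksum and the exact match, which is the case a small test transfer is meant to catch.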

✦ The complete setup — three tiers

Your crypto security architecture

Tier 1 — Exchange (spending/trading): keep only what you plan to trade in the next 30 days on a regulated exchange (Coinbase, Kraken, Gemini). Enable authenticator 2FA, withdrawal whitelist, and dedicated email.

Tier 2 — Software wallet (medium-term): amounts you plan to use within 1–12 months. Blue Wallet or Muun for Bitcoin; MetaMask or Rabby for Ethereum. You control the keys. Back up the seed phrase on paper in two locations.

Tier 3 — Hardware wallet (long-term savings): anything above your comfort threshold should be in a hardware wallet (Ledger, Trezor, or Coldcard). Offline, air-gapped, physically secured. The seed phrase written in steel and stored in a fireproof safe.

→ Next week: Proof of Work vs Proof of Stake — the two ways to secure a blockchain

This article is for informational and educational purposes only. It does not constitute financial, tax or investment advice. Always conduct your own due diligence before using any exchange or custody solution.
