Avoid wallets that do not provide you the generated secret key or seed. If you do not have the secret key for a given nano account, you do not control that account. It is that simple.
Avoid closed source wallets
Never enter your secret key into a website
Anyone soliciting your secret key is a scammer
Never message or email your secret key or seed
Avoid re-using addresses, use a new address for each receive
Never type out an address, always copy, or scan a qr code, or use any other automated approach
Double check addresses, you can check the first 5 and last 5 characters.
Suggestions
Desktop wallets that are open source can be safer than mobile wallets because you can validate the checksum
Generate a secret key or seed on a computer that is not connected to the internet, or ideally has never connected to the internet
