Phishing is a type of social engineering attack where scammers attempt to obtain information, such as usernames, passwords, two-factor authentication (2FA) codes, etc., by disguising themselves as a person or entity you trust.
The attacker will create a phishing website, for instance, one that looks identical to the Binance login page. The attacker then sends the phishing link to users via email or social media, and the victim sees this urgent email and clicks on the link.
Upon clicking a link, you may be taken to a phishing website which may directly prompt you to enter your account password, 2FA code, and SMS code.
You may even be asked to upload a selfie photo of yourself as part of a verification process, which attackers then use with AI to re-use for face verification; or you may be guided to your mobile devices for input of additional information.
Click to expand below examples:
Hackers created a fake Binance website (https://www.binance.com.com/) and manipulated users to visit it via a Facebook page. Once users log in to the fake website, hackers can steal their Binance account credentials.
The fake website also asked users to enter their Google 2FA backup key, so hackers can gain full access to users’ Binance accounts. Please note that Binance will never ask you to share your Google 2FA backup key in any case.
Hackers used a fake Binance website to trick users into installing malware. Please do not install any unknown software or browser plug-ins on your computer/smartphone.
Hackers directed users to another fake Binance website and tricked them into moving their assets to a “secured wallet” as soon as possible. Please note that Binance will never ask you to move your funds to another wallet.
1. Don't click suspicious links: Be cautious of links in emails or social media.
2. Check all URLs via Binance Verify, our official platform for checking whether or not a source link is official.
3. Enable Two-Factor Authentication: Add an extra layer of security to your account.
4. Regularly update your passwords: Use strong passwords and change them regularly.
Take precaution of phishing attacks and safeguard your Binance account.
For more details, please visit How to Prevent Phishing Attacks.
