According to a previous report released by the FBI, most victims of cryptocurrency investment scams are over 30 years old, with a significant portion aged over 60, who are easily trapped in phishing scams due to their inability to obtain accurate and clear information in a timely manner.
Blockchain technology is evolving rapidly, and cryptocurrency scam groups are continuously updating their fraudulent techniques, with phishing scams becoming increasingly rampant and cunning. Today, WEEX exchange discusses Web3 phishing scams in detail to ensure your cryptocurrency safety journey.
What is phishing scam?
Phishing is a type of social engineering attack where scammers impersonate the WEEX exchange through malicious links or applications to steal victims' usernames, passwords, two-factor authentication (2FA), and other sensitive information, thereby stealing users' digital assets.
Scammers often contact users through phishing emails, text messages, or private messages on social platforms, guiding users to fake phishing websites under the pretense of account clearance or service termination; or they may remind users that an order needs to be verified, directing them to fake phishing websites to complete account unfreezing. Some scammers even forge WEEX exchange staff badges to increase credibility, and lure users into revealing sensitive personal information or visiting phishing websites by claiming that their accounts involve dirty money, have risks, or are frozen, requiring unblocking operations.
Common phishing attack methods that impersonate WEEX include:
● Fake WEEX customer service sending emails.
● Cloning the WEEX website.
● Misleading users via SMS that their account is at risk, directing them to phishing websites.
● Altering WEEX links on social media.
● Placing search engine ads to mislead users to fake WEEX customer service phone numbers and website links.
● Impersonating WEEX customer service on social chat platforms.
● Inducing users to download free software from the internet.
● Accessing free Wi-Fi can leak personal sensitive information.
How to effectively prevent phishing scams?
It is well known that the most important and weakest link in the security system is people, and user vigilance is key. In recent years, fake trading websites and apps impersonating WEEX have emerged endlessly, emphasizing the urgency for users to enhance vigilance and prevent phishing scams.
Phishing information often contains subtle errors, such as odd grammar, spelling mistakes, incoherent sentences, unusual domain names, etc. Therefore, be sure to carefully check the URLs sent to you by others, and develop a routine habit of checking links: hover your mouse over the link to see if the domain name is normal. And remember the official WEEX domain weex.com. You can also verify the email, URL, and Telegram account through the official WEEX verification page (https://www.weex.com/zh-TW/official-verification) to check if they come from WEEX.
In addition, scammers often try to create a sense of urgency to pressure users into taking action quickly. For example, they may send emails saying your account will expire soon, requiring you to complete verification within a specified timeframe; or send text messages guiding you to quickly transfer assets to a 'safe wallet' to 'avoid asset loss', etc.
In the face of such sudden information, especially requests for your personal or financial information, be cautious. Please note that WEEX exchange staff will never ask for such details.
WEEX reminds you to cautiously visit any suspicious links, avoid entering personal information on unfamiliar websites; be careful when downloading any unknown attachments. To download and install the WEEX App, please use the download channels provided on the WEEX official website (https://www.weex.com/zh-TW/download), or search for 'WEEX' in the official App Store/Google Play.
Preventing phishing scams requires the joint effort of users and WEEX. Here are the safety guidelines recommended by WEEX exchange on how to identify and prevent phishing scams online. With this guide, you can effectively recognize the disguises of cryptocurrency phishing scammers and protect your assets.
1) Always ensure you are using the updated version of Google Chrome or Firefox, which can automatically detect high-risk or unsafe phishing websites and promptly alert users.
2) Confirm that the URL you opened is the correct official domain of WEEX: weex.com.
3) Check whether the SSL certificate of the currently visited website is valid.
4) Enable Google two-factor authentication (2FA) or SMS verification. Stay vigilant and do not disclose the 16-digit Google 2FA key to anyone or any website. If you accidentally leak your username and password, 2FA can still protect your account from being accessed by hackers.
5) Use the Netcraft extension on Chrome or Firefox to detect phishing websites.
6) Install antivirus software, and regularly update the system and antivirus software to ensure a secure computer network environment.
7) Use a secure network and avoid accessing insecure free Wi-Fi.
8) Use a unique account email and different passwords, and do not disclose passwords to anyone.
9) Be cautious when clicking links and attachments in emails.
10) Encrypt your email and phone.
Beware of scams impersonating WEEX official personnel online/over the phone.
Previously, scams impersonating WEEX staff have been discovered, including impersonating WEEX customer service and business personnel to call users, adding them on WeChat, and luring users into fake WeChat groups. Here are some typical tactics summarized by WEEX used by impersonators to scam users:
1) Adding your WeChat/QQ/Telegram or other social accounts, requesting your email, or sending you a link/QR code for you to click and fill in account information, or asking you to log into relevant accounts and bank accounts, through a series of operations to steal your assets.
2) Invite you to share your screen remotely, guiding you to operate the account. During this process, they may ask for your phone verification code, Google verification code, or authorization for remote login under the pretext of verifying your identity, to steal account information.
3) Provide a fake URL guiding you to withdraw coins to a so-called 'safe account' or transfer to a specified address to complete so-called 'account unfreezing', 'asset conversion', etc., further stealing your assets.
4) Impersonate official departments to send SMS, emails, or make phone calls, claiming your account involves dirty money, is at high risk, or is frozen, requiring you to operate unblocking, clear accounts, no longer provide services, or verify orders via SMS, guiding you to withdraw coins to a so-called 'safe account', or conduct 'asset conversion', which may also require you to provide 2FA, scan QR codes, or visit phishing websites to verify orders.
Security reminder: No staff from any platform or judicial authority will proactively contact you claiming your account is at risk of money laundering, nor will they ask for your password, verification code, etc., nor will they require you to access third-party screen sharing software, or ask you to conduct any buying, withdrawing, transferring, or other asset transfer operations.
5) Impersonating the official WEEX exchange account to create communities, engaging in scams under the guise of exchange, interest generation, smart contracts, etc.
WEEX once again reminds: The official customer service of the WEEX platform will not contact users by phone. Online customer service is the only communication tool WEEX uses to contact users. Any official information from the WEEX exchange is subject to the official website announcements. Carefully identify scam activities to avoid financial losses. If you have any issues related to funds, please consult customer service immediately.
If you receive an email from WEEX, verify the sender's information immediately. Also, be sure to enable the anti-phishing code in your account security settings to add a layer of protection to your account, never share the anti-phishing code with anyone. Once you set the anti-phishing code, all official emails from WEEX will contain this code to help you verify its authenticity.
Finally, always remember that due to the irreversibility of blockchain transfers and the anonymity of user information, once a transfer occurs or account information is compromised, your funds may be unrecoverable!