Main Takeaways
Smishing relies on impersonation tactics to trick victims into believing fraudulent messages are legitimate.
Anti-phishing codes provide an extra layer of security, helping you verify the authenticity of messages by displaying a personalized, easily recognizable code.
Stay proactive: enable the latest security features, stay informed about emerging threats, and report suspicious messages to protect yourself and others.
Note: The SMS Anti-Phishing Code feature is being rolled out in phases and may not yet be available in your region.
Phishing scams have evolved to include fraudulent SMS messages, a tactic now known as "smishing" – a term derived from combining the words "phishing" and "SMS." Scammers impersonate legitimate senders and exploit how SMS messages are displayed, allowing them to insert malicious messages into existing threads. This makes their scams appear more authentic, tricking users into revealing sensitive information, clicking phishing links, or performing transfers that result in loss of assets.
To combat this, Binance is extending its Anti-Phishing Code to SMS, thus adding an extra layer of security for users. By incorporating a unique anti-phishing code into Binance SMS messages, we make it significantly harder for scammers to deceive you. Read on to find out what exactly smishing is and how to properly utilize our Anti-Phishing Code.
Understanding the Threat
Smishing makes it harder to identify fraudulent messages, increasing the risk of deception and loss of funds. Here’s how this scam can unfold:
The Disguise: The victim receives an SMS about suspicious account activity, appearing to come from a trusted provider like Binance. Because SMS systems group messages from what appears to be the same sender, the fake alert blends in with legitimate texts, making it seem authentic. The message urges the victim to call a number to "secure" their account.
The Trap: Once the victim calls, scammers instruct them to move funds to a “safe” wallet – one controlled by the scammers. They provide a seed phrase via email, another SMS, a fake website, or even during the call. Believing their funds are secure, the victim makes the transfer, only for the scammers to immediately drain the wallet, resulting in a loss.
For a deeper dive into this threat, check out “Web3 Wallet Security: Steer Clear of Fake Wallet Apps and Smishing.”
Don’t Take the Bait: Anti-Phishing Code is Here to Keep You Safe
To enhance security and combat smishing scams, we’ve extended the use of the Anti-Phishing Code feature to SMS communications. Previously available for emails, these user-set unique identifiers help verify the authenticity of messages from Binance. Now, when you receive an SMS from us, it will include your personalized code – known only to you – allowing you to confirm that the message is legitimate.
Set-up your Code
Visit the [Advanced Security Section] in the [Security] page under [Account] settings in your profile, and click [Enable] to start setting up your own Anti-Phishing Code.
To set up your code, create a unique combination of 6 to 8 characters, using a mix of uppercase and lowercase letters, digits, and underscores. Choose a code that is easy for you to recognize but difficult for others to guess.
Once set, all legitimate SMS and emails from Binance will include your personalized Anti-Phishing Code. Always check for this code when receiving messages – if it’s missing or incorrect, the message may be fraudulent. Stay vigilant and verify it before taking any action.
If you receive a message, check whether the code within matches the one you’ve set. If it does, the message is legitimate. If it doesn’t, it’s likely a scam. In the screenshot above, legitimate SMS messages containing the correct code are marked in green, while fraudulent ones without are marked in red. The same verification process applies to emails – always confirm the legitimacy of it by checking your code before taking any action.
Ways to Protect Yourself
While usage of Anti-Phishing Codes can significantly strengthen security, your best defense is staying vigilant and adopting smart habits. Here’s how you can further safeguard your assets:
Stay Skeptical
Unexpected messages urging immediate action or requesting personal information should always raise a red flag. Scammers rely on urgency to pressure victims into making mistakes. Hence, pause, verify, and think before you act.
Verify Before You Trust
Always confirm URLs and social media accounts through our Binance Verify tool or reach out to our customer support team on our official platform for clarification. A quick check can save you from falling into a scammer’s trap.
Avoid Clicking on Links in SMS
Even if a message appears legitimate, never click on any link in SMS messages. Instead, manually enter the official website’s URL in your browser to ensure you're accessing the correct platform.
Report Suspicious Messages
Help us fight fraud by reporting suspicious messages to Binance customer support and your mobile service provider. Your report could prevent others from becoming victims.
By staying alert and verifying every interaction, you can outsmart scammers and keep your assets safe.
Stay Alert and Informed
Smishing tactics are constantly evolving, making it crucial to stay ahead of scammers. Keep yourself updated on the latest fraud techniques and security best practices through Binance Academy. For a deeper dive into common scams, explore our security series. These resources will help you recognize and avoid smishing attempts, ensuring you stay one step ahead of potential threats.
Final Thoughts
Your security starts with you. Scammers prey on unsuspecting users, constantly refining their tactics to bypass defenses. Stay informed, stay cautious, and take full advantage of security features like Anti-Phishing Codes. The more layers of protection you set up, the harder it becomes for scammers to succeed.
Further Reading
What Is an Anti-Phishing Code and How to Set It up on Binance?
Identifying SMS Spoofing Attacks
Protect Your Crypto From SMS Spoofing Attacks
