🚨 Fact: According to Binance, over 60% of compromised accounts were hacked through internal links leading to external resources.
You're in Binance Square, reading a post… and you see a link: binance.com/abc Seems okay? Don't rush to click.
🕵️♂️ What could go wrong?
- Hidden redirects: Even if the link looks like binance.com, it may lead to a subdomain like binance.fake.com — especially if you are viewing the post not from the app, but in a browser.
- Phishing through broken redirects: There are cases where outdated internal links lead to external sites — and attackers exploit this.
- QR codes inside Square — they may look safe, but the encrypted URL can lead anywhere. Always check the link before scanning (use a safe scanner, like the one built into the Binance App).
What attackers do:
- the most common scenario - they steal your login data for Binance. You get the impression that you are still on the Binance site, but you have been logged out and need to log in again. You enter your password and the fake site steals it. Then your money too.
How to protect yourself: if you clicked on a link, never enter your credentials there. It's suspicious. Check that you are really on binance.com, not on a fake site. Do not share your password with anyone, for example, for participating in a promotion, airdrop, etc.
I wish everyone to stay safe🤗