Binance, the world's leading cryptocurrency exchange, has issued an urgent warning about scams targeting users through impersonating support calls and phishing SMS messages. These tactics mainly aim to steal API login information and seize users' assets, particularly those using API keys or engaging in transactions on the P2P platform.
Scam Tactics Becoming Increasingly Sophisticated
According to Binance, scammers often impersonate support staff to notify users of "serious security issues" on their accounts, thereby requesting personal information or API key confirmation. Many users have been convinced by these tricks, leading to serious losses.
Binance's security team emphasizes:
"The safest way is to always verify information through our official app or website; never share personal data or authentication codes via SMS or calls."
Significant Damage, Especially to Stellar (XLM)
The latest report notes total damages of approximately $4.94 million, primarily related to Stellar (XLM) and some other digital assets. Binance is closely coordinating with security experts and authorities to trace, mitigate losses, and enhance system protection measures.
Impact on the Entire Industry
The series of fraudulent incidents not only affect Binance users but also increase pressure on the entire cryptocurrency industry regarding security issues. In particular, attacks targeting Layer 1 assets through phishing and exploiting leaked data have forced many exchanges to enhance their technology and protection policies.
To cope, Binance has strengthened cooperation with technology partners like TRM Labs, implementing an advanced transaction monitoring system and analyzing historical data to detect attack patterns. This move is part of the industry's overall trend, shifting from post-incident response to proactive protection.
Advice for Users
Always check information on Binance's official channels.
Do not provide API keys, passwords, or authentication codes to anyone.
Enable advanced security features like two-factor authentication (2FA) and strict API key management.
Immediately report any suspicious activities to the official support team.
With the rise of phishing attacks in the cryptocurrency space, increasing user awareness and vigilance is the first and most important line of defense to protect digital assets.
