In Ukraine, cases of fraudulent attacks with message substitution have become more frequent — the Binance exchange is recording more and more similar requests from users.
The platform team reminded about basic security rules and main ways to protect oneself.
In Ukraine, SMS attacks by fraudsters are being recorded more frequently: message substitution has become one of the most common schemes for deceiving users in recent months, Incrypted was told by the support service of the cryptocurrency exchange Binance. Representatives of the platform reported that the team has recorded numerous requests regarding this issue.
“Despite the emergence of hundreds of modern authentication apps, SMS remains the primary method of transaction confirmation for millions of users. Scammers have learned to embed fake SMS into the same chats where you receive official messages from banks or exchanges. The same number. The same thread of messages. Completely different intentions,” Binance noted.
Why this is dangerous
SMS spoofing is a technique where scammers send messages from ‘someone else’s’ name. The phone cannot distinguish between a real message and a fake one and merges everything into one thread. As a result, the user sees a fake SMS next to official messages — from the bank, mobile operator, or online service and believes in its authenticity.
“Then everything follows the script: a call to the ‘hotline’, entering data or transferring money,” Binance says.
The whole scheme relies on psychology, the exchange team points out: create panic (‘your account is under attack’), add urgency (‘call immediately’), mix real and fake — and the user takes the necessary actions on their own.
How it works:
- Weak SMS gateways. Some providers allow sender ID spoofing.
- VoIP services. Internet telephony allows specifying any sender name.
- Gray channels. Some bulk mailing providers collaborate with scammers and help embed fake messages into ‘trusted’ channels.
A real story: one of the exchange users received an SMS about ‘suspicious logins from different cities’. The message appeared in the same thread as the real messages from the exchange. In a panic, he called the indicated number.
“Then the scammers played it cleverly: they simultaneously initiated a real password recovery request at Binance to confirm their ‘legend’. In the conversation, they offered to ‘protect the funds’ and transfer them to a wallet for which they provided a seed phrase. In reality, it was their own wallet. Had the victim succumbed to the pressure, their money would have ended up with the scammers,” Binance emphasized.
How to protect yourself:
Notice the ‘red flags’:
- calls to act immediately: ‘call right now’ or ‘urgent, confirm your data’;
- SMS with suspicious links that do not lead to the official site;
- messages without your unique security marker (code or user ID).
Follow simple rules:
- All actions should only be in the app or on the official website. Any settings or operations with the account should be done only through verified channels. No ‘hotlines’ from random SMS or links are safe.
- Check the Anti-Phishing Code. If you set it, it appears in every official message. If not — your User ID is automatically added to the SMS. If there is no marker — it’s a red flag.
- Don’t rush. Scammers play on urgency. Always take a pause and verify the information through official channels.
- Awareness is the best weapon. The best way to counteract is to be informed. Keep up with news in the field of cybersecurity and read materials on typical fraud schemes to recognize the threat before it affects you.
“Technology cannot protect against everything. Even the best technical filters will not stop scammers if the user themselves gives them access. Therefore, knowledge and caution become the main shield. In the Web3 world, every minute counts: it takes just one fake SMS to lose everything. Do not let scammers play on trust. Set your own security rules and stick to them,” Binance concluded.