WEEX Exchange Security Fraud Prevention Guide: Identifying and Preventing Phishing Scams

According to a report previously released by the FBI, most victims of cryptocurrency investment scams are over 30 years old, with a significant portion over 60 years old. They easily fall into phishing scams due to their inability to obtain accurate and clear information in a timely manner.

Blockchain technology is evolving rapidly, and cryptocurrency scam groups are continuously updating their fraudulent methods, with phishing scams becoming increasingly rampant and cunning. Today, WEEX Exchange will discuss Web3 phishing scams in detail to ensure your cryptocurrency security journey.

What is phishing fraud?

Phishing is a socially engineered attack where scammers impersonate WEEX Exchange through malicious links or applications to steal sensitive information such as usernames, passwords, and two-factor authentication (2FA), thereby stealing users' digital assets.

Scammers often contact users through phishing emails, SMS, or private messages on social platforms, guiding users to complete asset transfers to fake phishing websites under the pretext of user withdrawal or discontinuation of services; or remind users that there are orders that need to be verified, leading users to fake phishing websites to complete account unfreezing. Some scammers even forge WEEX Exchange employee IDs to increase credibility and induce users to disclose sensitive personal information or visit phishing websites under the guise of account involvement in dirty money, risk, or frozen account unblocking operations.

Common phishing attack methods impersonating WEEX include:

● Impersonating WEEX customer service by sending emails.

● Clone the WEEX website.

● Misleading users via SMS about account risks, directing them to phishing websites.

● Tampered WEEX links on social media.

● Advertising on search engines to lure users to find fake WEEX customer service phone numbers and website links.

● Impersonated WEEX customer service on social chat platforms.

● Inducing users to download free software on the internet.

● Accessing free WiFi may expose personal sensitive information.

How to effectively prevent phishing fraud?

It is well known that the most important and weakest link in the security system is people, and it is crucial for users to remain vigilant. In recent years, fake trading websites and apps impersonating WEEX Exchange have proliferated, further highlighting the urgency for users to be alert and prevent phishing scams.

Phishing messages often contain subtle errors, such as strange grammar, spelling mistakes, nonsensical statements, peculiar domain names, etc. Therefore, be sure to carefully check the URL sent to you by others, and develop the habit of checking links: hover your mouse over the link to see if the domain name is normal. Also, remember the official WEEX domain weex.com. You can also verify emails, URLs, and Telegram accounts by visiting the official WEEX verification page (https://www.weex.com/zh-TW/official-verification) to check if they come from WEEX officially.

In addition, scammers often try to create a sense of urgency to prompt users to act quickly. For example, they may send emails stating that your account will soon expire, requiring you to complete verification within a specified time; or send SMS messages guiding you to quickly transfer assets to a safe wallet 'to avoid asset loss', etc.

In the face of such sudden information, especially when asked to provide personal or financial information, be very cautious. Please note that WEEX Exchange staff will never ask for such details.

WEEX reminds you to be cautious when visiting any suspicious links and avoid entering personal information on unfamiliar websites; be careful when downloading any unknown attachments. When downloading and installing the WEEX App, please be sure to use the download channels provided on the WEEX official website (https://www.weex.com/zh-TW/download) or search for 'WEEX' in the official App Store / Google Play.

To prevent phishing fraud, users and WEEX must work together. Below are the security guidelines recommended by WEEX Exchange on how to identify and prevent phishing scams. With these guidelines, you can effectively recognize the disguises of cryptocurrency phishing scammers and protect your assets.

1) Always ensure that you are using the latest version of Google Chrome or Firefox browsers, which can automatically detect high-risk or unsafe phishing websites and promptly alert users.

2) Confirm that the URL you opened is the correct official domain of WEEX: weex.com.

3) Check if the SSL certificate of the currently visited website is valid.

4) Enable Google two-factor authentication (2FA) or SMS verification. Stay vigilant and do not disclose the 16-digit key for Google two-factor authentication to anyone or any website. If you accidentally leak your username and password, 2FA can still protect your account from being logged in by hackers.

5) Use the Netcraft plugin in Chrome or Firefox to detect phishing websites.

6) Install antivirus software and update the system and antivirus software in a timely manner to ensure a safe computer network environment.

7) Use secure networks and avoid accessing insecure free WiFi.

8) Use a unique account email and different passwords, and do not disclose your passwords to anyone.

9) Be cautious when clicking links and attachments in emails.

10) Encrypt your email and phone.

Beware of online/phone scams impersonating WEEX official personnel.

Previously, there have been reports of scam activities impersonating WEEX staff, including impersonating WEEX customer service and business personnel to call users, adding WeChat, and luring users into fake WeChat groups. Below are some typical methods summarized by WEEX regarding scams involving impersonated WEEX staff:

1) Add your WeChat/QQ/Telegram and other social accounts, request your email, or send you links/QR codes to prompt you to fill in your account information or log in to your corresponding accounts and bank accounts, stealing your assets through a series of operations.

2) Invite you to share your screen remotely, guiding you to operate your account. During this process, they may ask you for your phone verification code, Google verification code, or authorize remote login under the pretext of verifying if it is you operating, in order to steal your account information.

3) Provide a false URL, guiding you to withdraw funds to so-called 'safe accounts' or transfer to specified addresses to complete so-called 'account unfreezing', 'asset conversion', etc., to further steal your assets.

4) Impersonate official departments to send SMS, emails, or make phone calls, stating your account involves dirty money, is at high risk, has a frozen account, requires unblocking, user withdrawal, or will no longer provide services, or ask you to verify orders via SMS, leading you to withdraw funds to so-called 'safe accounts' or conduct 'asset conversions', and may also request you to provide 2FA, scan QR codes, or visit phishing websites to verify orders.

Safety reminder: No platform or judicial staff will proactively contact you claiming that your account poses a money laundering risk, nor will they ask for your password, verification codes, etc. They will not ask you to connect to third-party screen-sharing software, nor will they request you to perform operations such as trading, withdrawing funds, or transferring assets.

5) Impersonate official accounts of WEEX Exchange to create groups for scams under the guise of swapping, earning interest, smart contracts, etc.

WEEX once again reminds you: The official customer service of the WEEX platform will not contact users by phone. Online customer service is the only communication tool WEEX uses to contact users. Any official information from WEEX Exchange is subject to the official website announcements, carefully discern scam behaviors to avoid financial losses. If you have any issues related to funds, please consult customer service immediately.

If you receive an email from WEEX, please verify the sender's information immediately. Additionally, be sure to enable the anti-phishing code in your account security settings to add a layer of protection to your account, and never share the anti-phishing code with anyone. Once you set up the anti-phishing code, all official emails from WEEX will contain this code to help you verify its authenticity.

Finally, always remember that due to the irreversibility of blockchain transfers and the anonymity of user information, once a transfer occurs or account information is compromised, your funds may be irretrievable!