1. What is a phishing attack?
Phishing is a type of social engineering attack; a fraudulent attempt to obtain sensitive information such as username, password, 2FA code, etc by disguising as Binance in electronic communication. Users are often deceived by trusted parties such as:
- Email spoofing.
- Fake Binance site.
- Instant message with a malicious link.
- Social websites with manipulated Binance link.
- Chat with impersonated Binance support.
- Fake Binance hotline or support in the search engine, etc.
- Social Media Fake Account.
- Malware downloaded from the internet.
- Free WIFI Phishing.
2. Phishing attack protection
The most important and weakest aspect of a security system is people. Hence, For users, vigilance is the key:
- A spoofed message often contains subtle mistakes such as spelling mistakes, strange syntax, unsmooth words, misspelled domain names, for instance, www.binance-co.com, etc.
- In addition, attackers will usually try to push users into action by creating a sense of urgency. For example, an email could threaten account expiration and shall be verified within a timeline; A message instructed users to move assets to a secure wallet to avoid loss as soon as possible.
Phishing attack protection requires steps to be taken by both users and Binance.
- Always upgrade Google Chrome or Mozilla Firefox to the latest version. Google Chrome or Mozilla Firefox will warn users of phishing or unsafe high-risk website. For examples:
- The safest way to login to Binance is through the website https://www.binance.com or https://www.binance.co
- We also recommend you to check and verify whether SSL certificate is given for domain name *.binance.com or *.binance.net
- Enable Two-Factor Authentication(2FA) such as Google 2FA or SMS 2FA. Be cautious and don’t disclose Google 2FA 16 digital backup keys to anyone or on any website. If username and password are compromised, 2FA prevents the use of compromised credentials, since these alone are insufficient to gain entry to the account or its funds.
1). Install Chrome Netcraft Extension or Firefox Netcraft Anti-Phishing Extension.
- Chrome Netcraft Extension
- Firefox Netcraft Anti-Phishing Extension
- Keep your systems/applications updated to avoid the security bugs. Install anti-virus software and keep it up to date.
- Do not connect to an untrusted wireless network.
3. Reporting Phishing
- Please report any Binance phishing sites you see to this form: Report Binance Phishing Sites.
4. Phishing cases
- Phishing email cases click: here
- Phishing site cases click: here
- Fake Binance hotline or support in search engine cases click: here
- Chat with impersonated Binance support cases click: here
- Scammers on Twitter cases click: here