Cybercrooks Threatening Binance Users Through Deceitful SMS Phishing Campaign
Binance Users Under Phishing Attacks: What You Need to Know
In a chilling wave of attacks, Binance users are receiving phishing text messages that seem authentic. These messages, resembling official Binance updates, have spurred concerns about a sophisticated phishing campaign targeting the platform's users.
The Phishing Menace Unveiled
Phishing texts reviewed by BeInCrypto share similar formats and wording, leading experts to believe a specific threat actor or criminal group is the culprit. The messages often claim unauthorized account activities, such as new two-factor authentication devices, or warn about an unexpected Binance API pairing with Ledger Live. these messages usually prompt users to call a provided phone number.
Strangely enough, these scam messages sometimes appear in the same thread as legitimate Binance notifications, adding to user confusion. Social media platforms like X (formerly Twitter) have seen a surge in complaints from Binance users.
A Closer Look at the Campaign
A closer examination reveals that the criminals behind this campaign capitalize on publicly leaked user data on dark web forums. A hacker has reportedly been collecting Binance user data by compromising browser sessions on infected computers.
Last month, an estimated 230,000 combined user records from Binance and Gemini appeared for sale on the dark web. Security experts suggest these leaks stemmed from phishing attacks rather than direct system breaches. The suspected group of threat actors is likely using stolen information - names, phone numbers, and emails - to send targeted messages that appear legitimate.
Binance's Anti-Phishing Measures
In an email to BeInCrypto, Binance's Chief Security Officer, Jimmy Su, acknowledged the escalating smishing incidents. "We are aware of smishing scams on the rise where phishing scammers are impersonating us and other legitimate senders via SMS. These scams appear to be more authentic, tricking users into revealing sensitive information, clicking into phishing links, or making a transfer that result in loss of assets."
Su further divulged that Binance has expanded its Anti-Phishing Code to SMS. Introduced previously for emails, this user-defined code now appears in all official Binance SMS messages, making it more difficult for scammers to deceive users. This feature is active in all licensed jurisdictions where Binance operates.
Attackers might be leveraging databases with phone numbers of both active and inactive users, underscoring the need for vigilance among non-registered individuals as well.
Protecting Yourself: Tips and Best Practices
BeInCrypto advises users to adopt additional measures, such as verifying transactions directly through Binance's official app or website, using multifactor authentication, and never sharing credentials over the phone. Users are also encouraged to report fraudulent texts to Binance’s support team for investigation.
To verify official communications, check for the Anti-Phishing Code and scrutinize any requests to call phone numbers provided in unsolicited messages. Avoid clicking on links in suspicious texts, and manually type URLs instead of following links. Be wary of urgency tactics, like "not you?" queries, and false security warnings.
In conclusion, it's crucial for Binance users to stay informed, vigilant, and proactive in safeguarding their assets against phishing attempts.
Just 3 easy steps to grab a guaranteed $10 bonus from eToro:
- Set up an account
- Deposit $100
- Invest wisely, bearing in mind the risks involved. This investment may not offer protection if something goes wrong.
Don't forget to report suspicious messages to Binance's support team for investigation! Stay secure, stay informed.
- The phishing messages being sent to Binance users resemble official Binance updates, causing concerns about a targeted phishing campaign.
- The criminals behind this campaign are believed to be using stolen user data from dark web forums, including names, phone numbers, and emails, to send targeted messages.
- Binance's Chief Security Officer, Jimmy Su, acknowledged the increased smishing incidents and revealed that Binance has incorporated the Anti-Phishing Code into SMS messages to help protect users.
- In addition to this measure, BeInCrypto advises users to verify transactions, use multifactor authentication, and avoid sharing credentials over the phone to protect themselves from phishing attacks.
- Cybersecurity experts regularly stress the importance of staying informed, vigilant, and proactive in safeguarding their digital assets, including cryptocurrencies and DeFi investments.
- To further strengthen cybersecurity, users may also consider incorporating technology like various wallet options and using reputable platforms like Binance and decentralized finance (DeFi) solutions for their financial transactions.
