Dozens of binance users point out that they have received a disturbing wool of phishing text messages that seem authentic. These messages even correspond to the phone number and income of SMS, which they regularly see for official binance updates.
Almost all phishing texts examined Beincrypto have the same version and format. This leads us to think that a harmful actor or a particular criminal group focuses on binance users sophisticated phishing campaign.
A targeted phishing campaign against binance users
Messages often warn against unauthorized activities on a user account such as adding a new two -factor authentication device.
The most commonly followed by text on the unexpected Binance Association with Ledger Live. The recipients are then asked to call the phone number.
Some target users say these texts appear in the same thread as their legitimate binance announcement. This creates confusion and encourages them to react. Beincrypto surveys reveal an increase in consumer complaints to X (formerly Twitter).
Many users claim to have been caught in fraudulent messages from the same sender identifier used binance for authentic announcements.
Meanwhile, the criminals for this campaign seem to use binance user data publicly reported on the Dark Web forums.
Last month, approximately 230,000 combined user records from Binance and Gemini were reported on the dark website. Safety experts suggest that these leaks come from phishing attacks rather than direct violations of systems.
A group suspected of harmful actors is likely to use published information names, telephone numbers, and emails to create targeted messages that provide the illusion of legitimacy.
In addition, a diagram observed in phishing attempts generally means an urgent question like “No?” ». This encourages the recipient to simply click the link to call the integrated phone number instead.
This method bypasses the more common phishing links in SMS.
Binance expands the anti-phishing code to SMS
In the exclusive e -mail in Beincrypto, the director of Binance security Jimmy SU responded to these discoveries. SU confirmed that the company is aware of the incident climbing.
“We are aware of the growth of fraud Smishing, where Crooks pretends to be us and other legitimate sender through SMS. These frauds seem to be more authentic, deceptive users to reveal sensitive information, click phishing links or loss of assets,” Binance security director in Beincrypto.
SU also revealed that Binance has expanded its anti -phishing code to an SMS. This feature was originally offered for e -maly.
The code is an identifier defined by a user that appears in the official Binance reports, facilitates recognizing authentic announcements, and avoiding fraudsters.
“By incorporating a unique anti -phishing code into a Binance SMS, we make it difficult to deceive our users,” SU said.
The antiphing code was deployed for all licensed courts where binance works.
In addition, according to Binance, both registered and unregistered users said they had received suspicious texts.
As a result, attackers could operate databases, including telephone numbers of individuals who do not actively use binance.
Beincryptte advises users to take additional measures, such as controlling transactions directly through the Binance application or the official website, using multifactorial verification, and never share your phone identification data.
It is strongly recommended to report suspicious Binance support team messages.
Individuals are encouraged to confirm the official communication by checking the anti-Phishing code and carefully explore any request to call phone numbers provided in junk messages.
Notification of irresponsibility
Notice of non -response: In accordance with the TRUST project, Beincrypto undertakes to provide impartial and transparent information. The aim of this article is to provide accurate and relevant information. However, we invite readers to verify their own facts and consult a professional before it decides on the basis of this content.