Cryptocurrency exchange Binance has been warning investors this past week of a large-scale phishing campaign. Scammers are sending SMS messages to crypto users, informing them of a withdrawal request from an unknown IP address — which they understandably may wish to cancel. Binance CEO, Changpeng Zhao, recently stated in a tweet that:
“There is a massive phishing scam via SMS with a link to cancel withdrawals. It leads to a phishing website to harvest your credential […] NEVER click on links from SMS! Always go to Binance.com via a bookmark or type it in.”
For your reference, see the phishing page below (note the number sequence in its URL, one of several flags).
Would-be victims have also taken to Reddit to share screenshots and relay how each phishing attempt played out. (Source: Reddit)
Content
- [Binance] Withdrawl code: 342819. If this was not generated by you, please click here: https://cancel8745200-binance-com[.]web[.]app
- [BINANCE] New login? Confirm: https://cancel8499204-binance-com[.]web[.]app
- [Binance] Withdrawal code: 299383. Don’t disclose this to anyone. To cancel, visit: {URL}
How to Protect Yourself
- Double-check the sender’s email address — does that align with the company/brand?
- Change your passwords immediately if you find your email appeared in any data leaks.
- Always go to the official website/application instead of using links from unknown sources. Use Trend Micro ScamCheck to surf the web safely (it’s free!).
ScamCheck is an all-in-one browser extension for detecting scams, phishing attacks, malware, and dangerous links – and it’s FREE!
After you’ve pinned ScamCheck, it will block dangerous sites automatically! It is now available on Safari, Google Chrome, and Microsoft Edge.
Check out this page for more information on ScamCheck.
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE with friends and family to help keep the online community secure and protected. While you’re at it, check our Trend Micro Maximum Security below too!