Binance users targeted in SMS phishing scam using fake security alerts

Source Cryptopolitan

Phishing scammers have targeted Binance users in a new campaign using text messages. According to reports from users of the exchanges, the scammers are sending messages that look genuine.

Text messages shared by users follow a similar pattern. They call attention to a security issue and require the user to call a number to resolve it. By doing this, they bypass anti-phishing safeguards that detect malicious links but not phone numbers.

Users were getting alerts from various issues including reports of log-in from a different location, adding a new 2-factor authentication device, or connecting to a new hardware wallet.

So far, there has been no report of any victim, but users on X have alerted others about the risks, noting that Binance will never ask its customers to call a number. Meanwhile, one user mentioned that he called the number.

Binance phishing
SMS Phishing scam to Binance user (Source: X/ Public_Enemy_01)

He said:

“New scam @binance …… it came from the same number you text me from aswell. Rang it, spoke to Abdul in Landan, who didn’t like my tone for some reason and hung up. Watch out people.”

Interestingly, several users claim the text messages come from the same sender ID Binance uses for communications, leading to more uncertainty among users about the authenticity of the messages.

Binance says the data leak is not from its systems

Meanwhile, there are speculations about how the scammers got user data. Many believe they bought it from the dark web and are now using it for a targeted campaign. According to one user, an anonymous actor recently offered a database of Gemini and Binance users for sale.

The user claimed that a 2019 leak of Binance Know Your Customer (KYC) data is the source of the database. However, Binance has denied this, noting that it examined the hacker’s data and that the records are not connected to Binance.

Nevertheless, Binance.US has warned users about phishing sites that impersonate its website. A post on X warned that scammers are using lookalike websites to collect user data. It added that users should always confirm the authenticity of the QR code and website link, as it will never request a multi-factor authentication code outside its platform.

Binance CSO warns users about InfoStealers malware

A potential explanation also comes from Binance Chief Security Officer Jimmy Su, who said in a recent post that hackers are gaining access to user data due to malware on user devices and not a breach of Binance systems.

According to him, the bad actors are using malware known as InfoStealers to collect users’ credentials from their browsers. He claimed the malware collects all information saved on browsers, including passwords and clipboard data.

He added that users can unknowingly download the malware through phishing links on social media, unofficial software downloads, and malicious add-ons. Therefore, he advised them to download software only from official sources and avoid saving passwords in browsers.

Su said:

“This is not an isolated case. Our security team continuously monitors dark web sources and malware campaigns to identify potential threats to our users.”

Meanwhile, Binance has now extended an anti-phishing code for SMS to enable users to recognize genuine text messages. The code, which is set by each user, accompanies every authentic text message from the exchange and is reportedly available in all jurisdictions where Binance has a license to operate.

Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Bitcoin volatility drops to third-lowest level since 2012 amid rise in BTC treasury companiesBitcoin (BTC) trades above $108,000 on Tuesday following a steady decline in its volatility in the first half of the year, marking the third-lowest H1 volatility since 2012.
Author  FXStreet
Yesterday 02: 11
Bitcoin (BTC) trades above $108,000 on Tuesday following a steady decline in its volatility in the first half of the year, marking the third-lowest H1 volatility since 2012.
placeholder
AUD/NZD inches higher to near 1.0900 as RBNZ maintains Official Cash Rate at 3.25%AUD/NZD holds ground after the Reserve Bank of New Zealand (RBNZ) decided to stand pat on the policy rate after six consecutive cuts, trading around 1.0890 during the Asian hours on Wednesday.
Author  FXStreet
Yesterday 03: 03
AUD/NZD holds ground after the Reserve Bank of New Zealand (RBNZ) decided to stand pat on the policy rate after six consecutive cuts, trading around 1.0890 during the Asian hours on Wednesday.
placeholder
Ethereum Price Turns Positive — More Upside Likely if Momentum HoldsETH is now consolidating gains and might aim for a fresh move above $2,620.
Author  NewsBTC
Yesterday 03: 26
ETH is now consolidating gains and might aim for a fresh move above $2,620.
placeholder
Jeff Bezos sold nearly 3 million Amazon shares for $665.8 million in early JulyJeff Bezos has sold nearly three million shares of Amazon in the first two days of July, offloading a total of $665.8 million.
Author  Cryptopolitan
Yesterday 03: 43
Jeff Bezos has sold nearly three million shares of Amazon in the first two days of July, offloading a total of $665.8 million.
placeholder
Gold price slides further below $3,300, over one-week low amid a firmer USDGold price (XAU/USD) trades with a negative bias below the $3,300 mark during the Asian session on Wednesday and drops to a one-and-a-half-week low in the last week.
Author  FXStreet
22 hours ago
Gold price (XAU/USD) trades with a negative bias below the $3,300 mark during the Asian session on Wednesday and drops to a one-and-a-half-week low in the last week.
goTop
quote