Many Binance users report receiving an astonishing wave of phishing text messages that look authentic. These messages also match the phone numbers and SMS inboxes that you regularly see for official Binance updates.
Almost all phishing texts reviewed by Beincrypto have the same wording and format. This will lead you to believe that a particular threat actor or criminal group is targeting Binance users in sophisticated phishing campaigns.
Targeted phishing campaigns for Binance users
Messages often warn users of unauthorized account activity, such as newly added two-factor authentication devices.
Most commonly, phishing messages follow up text about unexpected Binance API pairing with Ledger Live. The recipient is then prompted to call the provided phone number.
Some target users claim that these texts will appear in the same thread as legitimate Binance notifications. This creates confusion and encourages them to get involved. A survey by Beincrypto reveals a surge in consumer complaints on X (formerly Twitter).
Binance Use shared SMS received with Beincrypto over the past week
Many users say the scam message was caught off guard as it originated from the same sender ID used by Binance for real notifications.
Meanwhile, the criminals behind this campaign appear to be taking advantage of leaks of public Binance user data on the Dark Web Forum.
Last month, an estimated 230,000 user records from Binance and Gemini reportedly were on sale on Dark Web. Security experts suggest that these leaks came through phishing attacks rather than system violations.
A group of suspected threat actors may be using leaked information (name, phone number, email) to create a target message that gives an illusion of legitimacy.
Also, patterns seen in phishing attempts usually include the emergency “not you.” Query. It prompts the recipient to call an embedded phone line rather than simply clicking on the link.
This method bypasses the more common scenario of phishing links in SMS.
Binance extends anti-phishing code to SMS
In an exclusive email to Beincrypto, Binance’s Chief Security Officer Jimmy Su responded to these findings. Su confirmed the company’s perception of the escalating Smith incident.
“We are aware of rising scams where phishing scammers are pretending to be us and other legitimate senders via SMS. These scams appear to be more authentic, ensuring that users reveal sensitive information and make transfers that lead to phishing links or loss of assets,” Binance’s chief security officer told Beincrypto.
Su further revealed that Binance has expanded its Anti-Phising Code to SMS. This feature was originally provided for email.
This code is a user-defined identifier that appears in official binance messages, making it easier for recipients to recognize the real notification and avoid fraudsters.
“By incorporating our own anti-phishing code into Binance SMS messages, it makes it much more difficult for scammers to deceive users,” says Su.
Anti-phishing codes are deployed in all licensed jurisdictions where Binance runs.
Also, according to Binance, both registered and non-registered users report receiving suspicious texts.
Therefore, the attacker may be leveraging a database containing phone numbers for individuals who are not using Binance.
Beincrypto advises you to take additional measures, such as using multifactor authentication, or sharing your credentials over the phone, including directly checking transactions directly through Binance’s official app or website.
We highly recommend that you report any suspicious messages to the Binance support team.
Individuals are encouraged to confirm official communications by checking anti-phishing codes and carefully scrutinize requests that call phone numbers provided in unsolicited messages.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
