Main
Social engineering is psychological manipulation that cybercriminals use to steal money. They often use phishing emails, phone calls, and personal messages.
Fraudsters often obtain sensitive information about a victim from their digital footprint, so managing personal data is important to reduce potential risks.
Both Binance and platform users play an important role in the fight against social engineering. Users should be aware of potential threats and remain vigilant. Binance is constantly improving its security measures and collaborating with law enforcement agencies to prevent fraud at the planning stage.
If you unexpectedly receive a private message from someone claiming to be from Binance, it is almost certainly a scam. Never disclose your BUID or other personal information to others, and only communicate with support representatives through the official chat in the Binance app or website.
In this article, you will learn how to combat social engineering, protect yourself from scams, and help the Binance community.
Social engineering scams are on the rise in the cryptocurrency space, so we all need to be careful. Binance takes user security and privacy very seriously, and combating cybercrime is an integral part of our risk management strategy. However, users should also be aware of new scams and remain vigilant as this is the best way to protect themselves and their funds.
If you don't know much about social engineering, keep reading to learn how to recognize the warning signs. In addition, we will tell you how we help fight criminals.
Remember how Binance representatives can contact you
Before we get into the details, you should understand exactly how our representatives can contact you. Binance uses only official, verified channels to communicate with users. These include:
Official emails from the Binance domain
In-app notifications
Announcements on the official Binance website
Verified accounts on social networks
Binance Support Portal
It is important to remember that Binance will never ask for personal or other sensitive information through private messages, phone calls, or unofficial communication channels.
To increase security, you can use the Binance Verify service. It allows you to check whether your interlocutor really represents Binance. Just insert a link to the website, email address, phone number, Twitter account or Telegram ID of the person who contacted you.
If someone is pretending to be a Binance employee or consultant and you are unsure about their identity, please contact our support team. We will help you verify the authenticity of messages.
What is social engineering and how does it work
Social engineering is a set of manipulations to deceive people. Using social engineering, attackers force victims to disclose confidential information, provide access to personal accounts, or perform other actions.
Social engineering is built on the peculiarities of psychology and often exploits gullibility. Attackers pose as colleagues, friends or authority figures and use various schemes to force the victim to perform the necessary actions. For example, they use phishing emails, phone calls or personal messages that put the person or their organization at risk.
Let's look at some examples. Imagine that a bank calls you and asks you to confirm your personal data and bank card details. You provide your details, after which money is debited from your card. This call was not from a bank employee, but from a scammer who used social engineering methods.
You may even be added to a group chat in a popular instant messenger, where administrators pretend to be representatives of a cryptocurrency exchange. This chat can also place advertisements for profitable investments that supposedly guarantee high returns in the near future. Other people in the chat may be enthusiastic and immediately agree to such an investment, giving you the impression that you are at risk of missing out on a good deal (FOMO). All these factors push you to send funds to an unknown address.
However, in reality, cryptocurrency exchanges like Binance do not communicate with users in this way. Binance communicates with users only through its official, verified channels and never uses SMS or creates group chats.
Digital footprint and its impact on the security of personal data
Fraudsters often use the digital footprint of users on the Internet for their purposes. A digital footprint is information about your activities or identifiable information that you leave online, including social media posts, browsing history, and search queries.
These digital artifacts can be dangerous because they reveal sensitive information that can be used against you. For example, your social media post might reveal that you are planning a trip to Thailand. Attackers can use this knowledge in social engineering to gain your trust.
Over time, your digital footprint grows, creating a detailed record of your activities online that is often difficult to remove. Therefore, it is important to manage your data and control your digital footprint to protect against potential privacy and security threats.
New threats and social engineering tactics
The number of social engineering attacks has increased significantly in recent years. Deception methods are constantly improving along with the development of technology, which makes it difficult to identify and prevent fraudulent schemes. New methods of digital communication provide attackers with more and more opportunities to deceive and steal funds.
Cybercriminals actively use social networks to find victims and use social engineering. An attacker could pretend to be a friend, colleague, or official by copying information from relevant accounts and online data.
Social engineering schemes are spreading rapidly, and therefore users must pay special attention to digital security and the protection of personal data. To better understand how these scams work, let's look at the most common tactics.
Phishing: Scammers contact victims via email, SMS or instant messaging, pretend to be from reputable organizations and try to convince them to click on malicious links, divulge confidential information or download malware.
Pre-texting: attackers follow a planned communication script to gain the trust of victims and obtain personal data - for example, impersonating representatives of a bank or support service and demanding to provide data for verification.
Bait: Cybercriminals promise victims free goods or services in exchange for clicking a link or downloading a malicious file.
Quid pro quo: Fraudsters offer a valuable service or product in exchange for sensitive information or access to victims' systems.
Spear phishing: Spear phishing attacks targeting specific people or organizations that use detailed, personalized schemes to deceive victims.
Watering hole attack: Attackers target a site that is frequently used by a target group and place malware on it that infects visitors' devices.
How Binance Prevents Social Engineering Scams
User protection is Binance's top priority. We strive to prevent social engineering scams by implementing strong security measures and educating users about common scams.
Binance uses a wide range of security mechanisms, including multi-factor authentication, advanced verification processes, and continuous monitoring for suspicious activity on the platform.
Binance also works closely with cybersecurity experts and law enforcement to stay on top of emerging threats. By working together, industry stakeholders can develop an action plan to combat social engineering.
Nils Andersen-Rød, Deputy Head of Financial Crime at Binance: “We have always believed that security is a collaborative effort, and the blockchain space is no exception. The Binance team has already seen that collaborating with the public sector and other companies in the industry around the world complements our own efforts to create a safer and more reliable ecosystem for users. Yet it is equally important to involve users themselves in the process so that they know how to protect themselves and their assets.”
Binance places special emphasis on ensuring that users take their security seriously. After all, the most effective way to combat social engineering is through increased awareness and preventative measures.
We regularly publish announcements and guides on new scams and the best ways to protect yourself. We also cover how to identify and report suspicious activity. For example, in the articles in the How to Recognize Fraud series, we look at common cryptocurrency scams so that users are vigilant.
We recommend contacting us only through verified social media accounts and official channels for accurate information and updates. These measures will help protect against scammers posing as Binance representatives.
How to protect your personal data on the Internet
In addition to Binance's security measures, users can take steps to protect themselves.
Be wary of unexpected messages from strangers
Social engineering attacks often begin with unexpected requests through emails, SMS, social media posts, or additions to group chats. Be skeptical of any unsolicited message, especially if it asks for personal information or an action.
Check the authenticity of the sender
To spot a scammer, check the sender's email address or social media profile for any inconsistencies or suspicious signs. Official messages must come from verified accounts or from known, official email domains.
Pay attention to mistakes
Cybercriminal messages often contain grammatical and spelling errors, as well as incorrect formatting. Pay attention to this when assessing the credibility of a message.
Hover over the link before clicking
Hover over the link, but don't click it, to see the destination URL. If it looks suspicious or is not related to the intended sender, it could be a scam.
Don't give in to pressure
Social engineering scammers often try to create a sense of urgency, fear, or other emotional triggers in the victim. Be wary if the person you're talking to demands immediate action, threatens consequences, or describes a suspiciously lucrative offer.
Review requests for sensitive information
Official organizations rarely ask for personal or financial information via email or social media. If you receive such a request, please contact the organization directly through its official channels to verify the authenticity of the message.
Beware of fake sites
Fraudsters often create fake versions of official websites to trick users. Before entering sensitive information, make sure the URL is correct and the site has a secure connection (https://).
How Education and Cyber Hygiene Can Protect You
To protect against social engineering, preventive measures are extremely important, since this type of fraud exploits psychological vulnerabilities rather than technological ones. If you fall victim to such a scam, you may find it difficult to recover from the loss of confidential information, money or personal data.
For this reason, it is necessary to increase awareness of possible types of fraud and remain vigilant. Stay aware of new scams and practice internet safety to protect yourself from cybercriminals. Be vigilant and suspicious of messages from strangers to better protect yourself from social engineering.
In addition, it is necessary to properly store and control data on the Internet. Practice good cyber hygiene to make it less likely for scammers to gain access to sensitive information.
Remember that information that seems insignificant to you can be extremely profitable for a scammer. Social media is a powerful tool for learning more about you and using that information to gain your trust.
Stay vigilant - Binance will do the rest
Both Binance and platform users play an important role in the fight against social engineering. Users need to remain vigilant and aware of new scams and take appropriate steps to protect accounts and personal information.
In turn, Binance identifies the attackers themselves and fights them. We are also constantly improving the security measures on the platform for all users of the ecosystem. By working together, Binance and its users are protected from the most sophisticated social engineering scams.
Additional Information
Risk Management: Comprehensive Security Analysis of the Binance Platform
What is social engineering?
Risk Management: How Binance's Investigations Team Catch Crypto Criminals
