Main
Account takeover is an attack in which attackers steal login credentials to gain control of online accounts.
This form of identity theft is becoming increasingly common and affects both individuals and businesses.
Learn the signs of account takeover and how to protect yourself from attacks in our next article in the How to Stay Safe series.
An account takeover attack (ATO) can lead to the theft of your cryptocurrency or personal data. Learn how to protect yourself by detecting ATO attacks before they happen.
Imagine that you woke up one morning and discovered that someone had deprived you of your cryptocurrency savings. Losing funds is just one aspect that victims of account takeover attacks (ATO) face.
ATO attacks are carried out by cunning cybercriminals who seize ownership of their victims' online accounts in order to steal their funds or personal data. Attackers can also use stolen personal information to further their criminal activities. Unfortunately, there are many ways that criminals can steal your credentials. These include malware and social engineering, where the victim is manipulated into revealing information.
However, attackers often leave traces that can serve as a warning. By recognizing these warning signs, you can take timely action and protect your accounts from ATO attacks.
Warning Signs: How to Detect an Account Takeover Attack
Requests to access confidential information or account
Be wary if someone calls, texts or emails you asking for personal information or login information. Legitimate service providers will never ask you to disclose sensitive information through such channels.
Suspicious emails or messages
Let's say you receive a message or email that looks suspicious or is unexpected. This means that someone may be trying to obtain sensitive information, such as your username, password, or second factor authentication (2FA) code, using phishing techniques. Be wary of messages with suspicious links or requests for urgent action, such as updating your password. Be aware that these fake messages are sent from unfamiliar email addresses and often contain spelling or grammatical errors.
To avoid such phishing attacks, you can set up an anti-phishing code that only you will know. This unique code is added to all official emails from Binance, letting you know that the message is indeed from us.
Changes in account balance
Keep track of your asset balances and transaction history. Watch out for a sudden increase in the number of trades or orders, withdrawals that you did not initiate, or unfamiliar transactions. If you are a Binance user, you can immediately report any unusual activity to our Help Desk.
Problems logging into your account
If you can't sign in with your current credentials, someone may have changed your password. Also, your two-factor authentication method may have been changed without your knowledge, preventing you from accessing your own account.
Unauthorized change of account settings
If you notice unexpected changes to your account settings, such as your contact information, email address, or security settings, someone may be trying to take over your account.
Other tips for detecting account takeover attacks
Setting up alerts from Binance
Enable notifications in your Binance account settings to receive alerts about unauthorized activities such as password changes, login attempts, or withdrawal attempts. Alerts from Binance about actions you didn't take are a sign that someone else has access to your account.
Enable two-factor authentication (2FA)
Two-factor authentication (2FA) helps protect your Binance account by adding an extra verification step, making it harder for hackers to gain access to your account. 2FA can be done using Passkeys, Google Authenticator app, SMS codes and other methods.
By setting up 2FA, you will receive alerts every time someone attempts to log into your account (either your own or someone else's).
Track login attempts
If you logged into your account at an unusual time or using non-standard parameters, someone else may have gained access to your account. Imagine logging into your Binance account in the evenings after work. However, you receive a notification about activity on your account early in the morning while you were sleeping. This suggests that someone else could have accessed it.
Check for unfamiliar connected devices
If you used a device to access your account that has different characteristics (such as type, operating system, browser version, IP address, and unique identifiers) than your own, this may indicate an unauthorized access attempt. An attack may also be indicated by suspicious login attempts from unusual or unexpected locations.
While these warning signs do not directly indicate an ATO attack, you should investigate them further, change your password immediately, and enable multi-factor authentication (MFA) to strengthen your security where possible. If you suspect that your Binance account has been hacked, please contact Customer Support as soon as possible.
The importance of regular account audits
When it comes to account security, prevention is better than cure. One effective way to protect against attacks is to regularly check your account security settings. It helps protect data more reliably, promptly detect signs of hacking and suspicious activities, and also identify unauthorized access attempts.
Changing passwords, checking access rights, monitoring activity logs, and updating security settings are just a few of the auditing methods.
Binance security teams continually monitor suspicious activity and improve security measures. If a user reports an ATO attack, Binance always thoroughly investigates the cause and helps those affected. If you suspect that your Binance account has been hacked, please contact Customer Support as soon as possible.
Want to know how to better protect your accounts? Don't miss the next installment in our How to Stay Safe series, where we'll share more tips for preventing ATO attacks.
Additional Information
How to protect yourself: what are account takeover attacks?
How to Protect Your Binance Account: 7 Easy Steps
How to protect yourself: types of account takeover attacks
Risk Warning and Disclaimer. The following materials are provided “as is” without warranty of any kind for general reference and educational purposes only. This information should not be considered financial advice or a recommendation to purchase any specific product or service. The value of digital assets may be volatile, increasing the risk of loss of investment. You are solely responsible for your investment decisions. Binance is not responsible for your possible losses. This information does not constitute financial advice. See Terms of Use and Disclaimer for details.