Exchange
Blockchain and crypto asset exchange
Academy
Blockchain and crypto education
Broker
Trading terminal solutions
Charity
Blockchain charity foundation
Cloud
Enterprise exchange solutions
DEX
Fast and secure decentralized digital asset exchange
Labs
Incubator for top blockchain projects
Launchpad
Token Launch Platform
Research
Institutional-grade analysis and reports
Trust Wallet
Binance's official crypto wallet
Buy Crypto
Pay with
Markets
Support Center
FAQ
Security
Security Tips
Examples of Phishing Emails
Binance
2018-12-11 11:43

Phishing is a type of social engineering attack; a fraudulent attempt to obtain sensitive information such as username, password, 2FA code, etc by disguising as Binance in electronic communication.

1. Phishing Email Example 1

This email below was created by hackers to steal the user’s email account, password and 2FA backup key

  • Phished email was sent from a scam  Binance <do-not-reply19@www--binance.com> addressmceclip0.png
  • If you hover over the Verify Email button, you can see the phished link which in this case was  
    https://www--binance.com/binance/login.php?id=xxxx@axxxxl.xxm.  After clicking the button one can see this page:mceclip1.png
  • Unfortunately, some victims will fill in their Binance email account and password data on the scam ‘www--binance.com’ website. After clicking the Log In button, the hacker will have prepared a special dialog window as seen below:mceclip2.png
  • It is really unfortunate that some victims will decide to disclose their ‘2FA backup keys’ without hesitation. At this point, the hacker will have successfully collected the victim’s username/password/2FA - thus gained full access to the victim’s accounts.

2.  Phishing Email Example 2

  • The phishing email below persuaded users to download a fake PDF file which was actually malware/virus/Trojan software.                                                                     mceclip3.png

3. Phishing Email Example 3

The phishing email below instructed users to click a malicious link in order to receive a nonexistent 0.129 BTC.

Please note:

When you notice such a message, it’s always best to hover over the link to see where it points. 

mceclip4.png

4.  Phishing Email case 4

  • The phishing email below instructed users to click a malicious link in order to participate in a competition called ETH Giveaway. Once again, the email was sent from an email address that was not an official Binance email. mceclip5.png

 

 


Have more questions?submit a request
Related Articles
Security Tips