קנה מטבע מבוזר
שלם עם
שווקים
NFT
New
הורדות
English
USD
מרכז תמיכה
שאלות נפוצות
Security
Security Tips
מאמר זה לא תומך כרגע בשפה שלכם. תרגום אוטומטי מומלץ לאנגלית.

How to Identify URL Spoof Phishing

Binance
2018-03-08 08:25
Every time you want to access Binance.com or log In to your account, please pay attention to the security recommendations below:
e1.png
One more recommendation should be noted:
Don’t enable API if you’re not going to use it.
e2.png
Users may be attacked by phishing website via search engine referrals, browser plugins/extensions, third-party, or invalid apps that might try to steal your API access/private key.
  • Risky search engine referrals. Navigate users to phishing websites.

    e3.png
  • Risky browser plugins/extensions. Navigate users to phishing websites.

    e4.png
  • Risky email with a phishing link
    e5.png
  • Some users may have installed third-party applications to manage their investment portfolios, or install invalid apps from an app store.
    e6.png
Phishing websites attempt to trick users into exposing their confidential information such as their password and 2FA code. Therefore, hackers can steal users’ coins through API withdrawals and abnormal buy/sell orders.
The logs below illustrate a phishing attack through search engine referrals:
e7.png
Server logs listed the process of coins stolen:
  • Login: 188.166.62.200 2018-02-05 09:54
  • Modify API: 188.166.62.200 2018-02-05 10:00
  • Confirm API withdraw: 188.166.62.200 2018-02-05 10:01
  • Login: 86.25.38.113 2018-02-05 10:02
  • Complete API withdraw: 5.45.65.227 2018-02-05 10:02
  • Delete API: 86.25.38.113 2018-02-05 10:03
One victim attacked by a phishing website described details as below:

e8.png
Appendix of suspicious phishing websites.
e9.png
מאמרים קשורים
Binance Account Security Tips