Menú Cerrar

HOW TO SECURE YOUR BINANCE ACCOUNT FROM PHISHING AND SCAMS? (BINANCE ACADEMY)

 HOW TO SECURE YOUR BINANCE ACCOUNT FROM PHISHING AND SCAMS?

(BINANCE ACADEMY)

Advanced. Published: October 31st 2021. Updated: November 1st 2021. Reading Time: 10 minutes.

Original: ESPAÑOL. Translation: ENGLISH (Gracias a DeepL).

Author: Binance Angel Arthur Binance

Uploaded, hosted and Chibi Bibi Angels & Scammers NFTS by Chibiguardians / Binance Angel Chibi Maya

Binance Reference and 10% for you:

https://accounts.binance.com/es/register?ref=UODPINIE

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 

Security is a top priority at Binance. Although we as users should still do our best to keep our account safe.

The most common scams in the cryptocurrency environment and the internet in general are the following:

  1. Online Impersonation
  2. Social Engineering
  3. Phishing
  4. Scams and Frauds
  5. Malware
  6. Low user security

So following that same order, in this article we will describe what each of them are, and by understanding them and knowing how they work we will know how we can avoid falling into the hands of the scammer, and how to prevent it from happening to us.

1. Online Impersonation

 

Online Impersonation is when the scammer uses the real data, either name and photos of a person, or of a company and institution, to build trust and be able to scam you.

Scammers could impersonate Binance support team, Binance Angels, even a person you are talking to in a Binance community such as Telegram and Discord, this can even happen on social networks such as Twitter and Instagram.

So remember no one from Binance will ever write to your private messages, ask you for money or to install anything, or send money to any wallet for any reason, there is no support outside of https://www.binance.com/es/chat. If you suspect you are talking to a scammer within a community, please report it immediately to a Binance Angel.

 

2. Social Engineering

 

Social engineering is when the scammer takes advantage of some information you have provided to manipulate you as a possible solution to your problem, many times this method is accompanied by impersonation to make you trust the scammer even more.

If you ever raise a problem in a community, whether it is a question, inconvenience, or if you mention that you are new, that you have problems with a transaction in your wallet, that you need to withdraw money from Binance, you are going to be approached privately by these people who want to take advantage of you to access your personal data and scam you.

And they can do this in many ways saying that this is a solution to your problem:

  1. A) That you hand over your wallet security phrase.
  2. B) That you affiliate some API with withdrawal permission to your Binance account.
  3. C) You make a fake form where you compromise your data.
  4. D) You download a compromised dapp or application.
  5. E) You transfer money to a wallet, or even cases where they give you a wallet seed to enter and deposit in it to steal the funds.

So you should never trust anyone, if you have doubts about something, ask directly in the general groups and the answer will tell you in the same general chat, or go directly to the online support chat and avoid being approached by scammers.

 

3. Phishing

 

Currently phishing is a common practice by scammers, and although it encompasses the two scams mentioned above, it is much more. Phishing is the different methods, techniques or tools that scammers use to trick you. And it ranges from the use of emails, websites, fake social network accounts, calls, text messaging or via Whatsapp/Telegram, etc.

A. Traditional phishing: This is the method by which you are sent fake emails that have exactly the same characteristics of an official one so that you click on them to download a program, or go to a URL of a fake page and enter your data to steal them.

In Binance you have www.binance.com/en/official-verification where you can validate that the received emails are really official.

 

Also in Binance you have a function called Anti-Phishing Code that places an alphanumeric code of 4 to 20 characters in the emails you receive.

This function is indispensable for the security of your Binance account, and to activate it you must log in to your Binance account and go to [Profile] – [Security].

Or directly at www.binance.com/en/my/security/anti-phishing-code.

 

 

  1. Phishing in Social Networks: Nowadays it is very common for scammers to create from fake pages to fake profiles or exact clones of official accounts, in order to generate trust and scam you easily, it can go from changing a letter in the name to false announcements in social networks about the company.

So if you see any giveaway on social networks, or suspicious events, always confirm before posting any data, remember that Binance will never ask you for money at any time or ask you to send money to a wallet to participate.

C. URL Phishing: This is when scammers mislead users with fake URLs of malicious sites that look like trustworthy sites or exact copies, so they have to be very vigilant about the pages that you always access.

 

So www.binance.com/en/official-verification is an important tool when it comes to validating suspicious URLs.

 

4. Scams and Frauds: In the crypto environment many scammers have taken advantage of the little experience of people who start in this world to deceive them, from fake investment pages where they promise you high returns to attract unwary people, pyramid and ponzi schemes where they promise you high guaranteed profits as long as you invite more people, to fake token contracts, and defi projects that are only deceptions, etc.

In any case they will offer you everything possible to deceive you in different ways so that you invest in them, and even in the case of the investment pages after you try to withdraw, they will put obstacles or excuses to do so and ask you to deposit even more to be able to withdraw the money.

And in the case of pyramid schemes and ponzi schemes, they may even allow you to withdraw without problems just to invite more people so they can continue to maintain the scam, so you should be very careful with these so-called investment companies.

For more information you have: Pyramid and ponzi schemes – Binance Academy.

You should also be aware of fake apps, even fake extensions, be aware that they really are from official pages, no matter if they are in the Play Store, you should always check from the official page and beware of downloading apps from URL Phishing, as they can steal not only the information, but you can lose all your assets because of the vulnerability.

For more information you have: Common Scams on Mobile Devices – Binance Academy

In this kind of case prevention, research and information is the most important thing you can do.

Also ask yourself some questions such as: What is the purpose of the project, does it have smart contract audits, are the founders anonymous, how are the tokens distributed, what are the chances of a scam?

Remember DYOR (Do Your Own Research) do your own research on each project or investment you want to make, to find information about a project listed on Binance you can use www.research.binance.com where you will see a summary of all the information about the project from its whitepaper, the distribution of the tokens, its functionality, access to its roadmap and a lot of important information.

5. Malware: This means malicious software, and refers to any program or software code that is created to infiltrate and intentionally cause damage to computer systems and equipment. In addition to being malicious, a key component of malware is that it accesses a system without permission and without warning. There are different types of malware.

Keylogger: Tracks and sends keystrokes, usually to steal sensitive information such as passwords, usernames and financial data.

Clipboard Hijacking: Unlike the Keylogger, this malware controls your clipboard, so when you copy and paste your wallet, for example, it changes it for the scammer’s, and if you are not attentive, you can lose all your money.

Cryptojacking: Also called malicious cryptomining, this malware uses the computer’s resources to perform cryptocurrency mining without the user noticing.

Ransomware: This malware takes over a system and encrypts files or the hard drive, forcing the individual or company to pay a ransom to regain use of their system or access to their data.

Trojans: Software that disguises itself as something useful for you to install. Once installed, Trojans are often used to install other malware or to steal sensitive data.

Adware: Causes excessive ad pop-ups on a computer, which can leave your system more vulnerable to other malware if it is malicious advertising.

Spyware: Watches and collects the victim’s activities.

Worms: Like viruses, worms are self-replicating. They spread through the system, consuming system resources.

Botnet: An attacker relies on networks of infected computers to work together for malicious purposes.

Rootkit: This technology makes it difficult to locate and remove malware, as it takes the system administrator’s privileges and hides the program from detection.

Wipers: These malwares completely erase all data on the computer or network they infiltrate.

6. Low user security: One of the points in which people entrusted and say it will never happen to me, it is not necessary, my device is safe, because it is totally false, every device connected to the internet is vulnerable to the threats mentioned throughout this article. So you should take into account the following security recommendations to keep your Binance account safe.

 

A) Use strong passwords and change them regularly. Many times for convenience we use the same password for many platforms and it is a serious mistake, because in case it is violated, they can access all platforms that do not have the necessary security measures, this also applies to your email and all financial instruments that you handle as your external wallets.

Ideally, you should even use two email addresses, one for the exchange and another one for personal things, so you make sure that nobody knows your financial email and thus avoid many problems. As you can also use password managers that encrypt your passwords, confirm that the application you use is audited and offers high security.

Also an important tool to verify if our data has been compromised in a security breach of any platform is to use www.haveibeenpwned.com is constantly updated and is totally safe to use.

B) Having the 2-step verification is essential for the security and ease of use of your Binance account, you can use Google Authenticator, Binance Authenticator, Authy or any other of your choice.

This generates a 6 digit code that changes every 30 seconds, so it is a great contribution to security and when it comes to an everyday device, or to release your P2P transactions, you can use only this code instead of SMS that sometimes due to signal failures can take time to arrive.
To activate it you must log in to your Binance account go to [Profile] – [Security].

Or directly at https://accounts.binance.com/en/enable-google-authenticator.

If you want a step-by-step guide on how to activate 2FA, you can go to Guide of how to Enable Binance Authenticator.

As an alternative to 2FA, which is software, you also have the option of activating a Yubikey, which is a USB device that is inserted into the computer and generates a unique access code each time a button is touched.

To activate it you must log in to your Binance account and go to [Profile] – [Security].

Or directly at https://www.binance.com/en/my/security/setup-security-key/1.

If you want a step-by-step guide on how to activate your Yubikey, you can go to Guide of how to Use YubiKey for Two-factor Authentication (2FA) on Binance.

C) Withdrawal whitelist, Binance has a feature that when active you can only withdraw to whitelisted wallets, giving you additional protection to your account.

To activate it you must log in to your Binance account and go to [Profile] – [Security].

 

And to manage the addresses on your whitelist, you will need to click on «Address Management» or go to https://www.binance.com/en/my/security/address-management.

You also have a  Guide of how to enable Withdrawal Address Whitelist.

D) Device management, this function allows you to review the devices that have access to your account according to your IP, it is recommended that every 2 months you do a cleaning of the old IPs and only leave the new ones, to maintain good security of your account.

To access it you must log in to your Binance account and go to [Profile] – [Security].

 

Or directly at https://www.binance.com/en/my/security/device-management

 

Written by Binance Angel Arthur Binance

https://accounts.binance.com/es/register?ref=UODPINIE

Uploaded, hosted and Chibi Bibi Angels & Scammers NFTS by Chibiguardians / Binance Angel Chibi Maya

 

Publicado en ArthurBinance, binance

Artículos relacionados

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.