Binance CEO Informs Investors about Massive SMS Phishing Fraud

Some Binance customers have received an SMS informing them of a withdrawal from their account.

Along with a false link to cancel it Binance CEO Changpeng Zhao has warned of a massive SMS phishing scam aimed at the digital currency exchange. The SMS contained instructions to cancel withdrawals as well as a link to a phishing website designed to steal users’ credentials. The scam employs the traditional social engineering technique, to dupe the recipient by instilling a sense of urgency, curiosity, or fear in victims, such as the one in this case; “A withdrawal request has been made from an unknown IP address. If this was not you, please follow the steps below…”

Given that phishing campaigns send identical or nearly identical messages to all users, detecting and blocking them is much easier for mail servers with access to threat-sharing platforms. Detecting and blocking these phishing messages on SMS, on the other hand, is much more difficult.

CEO Zhao advised users to type in the exchange’s address “” or use a bookmark rather than any link that would ostensibly redirect them to the exchange’s website.

According to News Sky, SMS phishing (smishing) increased by nearly 700% in the first half of 2021. Also, a “state of the phish” report conducted by Proofpoint, a leading cyber security and compliance company, showed that the number has increased significantly. According to the report, 83 percent of organizations experienced a successful email-based phishing attack, a 46 percent increase over the previous year.

Smishing is very popular because so many people use SMS to fulfill their messaging needs. According to Binance spokesperson,  Zhao on several occasions has warned users about scams involving  SMS phishing. On one occasion, Zhao cited one that targeted a Binance user, however, he didn’t claim that it was the only scam targeted against Binance. The Pakistani government is also investigating an ongoing scam in which investors are duped into sending funds from Binance wallets to unknown third-party wallets, and the FIA has identified 26 suspect Binance wallet addresses where fraudulent amounts may have been transferred.

The number of Binance users customers targeted by the scam was never disclosed neither did the number of users that fell, victim. A number of these crimes go unreported and they cut across borders, making it hard to record and create unified statistics. 

Customers losing their funds in this manner is quite common on major exchanges and in the crypto industry in general. According to Chainalysis’ “2022 Crypto Crime Report,” scammers stole $14 billion in cryptocurrency in 2021, nearly doubling the amount stolen the previous year. On January 17, about $34 million was carted away from users of  as a result of a hack. According to Cointelegraph, a leading crypto news website, there was a successful hack into the Wormhole token bridge on Wednesday, February 2nd, which resulted in the loss of $320 million worth of Wrapped Ether (wETH) from the platform. Digital currency users are now being warned about one of the latest malware that targets browser plugin wallets, such as Counbase and MetaMask, and Wallet. 

Scammers are becoming more skilled, making it difficult to predict what new method they will employ to defraud customers. You can, however, protect yourself from becoming a victim of common cryptocurrency scams. Never respond to a text message from someone claiming to be a Binance employee. As soon as you receive the message, block and report the numbers to the official Binance security team. Binance will never request your account information through WhatsApp, text messages, email, or any other channel. If you receive a verification code without initiating a transaction, do not give it to anyone claiming to be a member of the Binance team or anyone at all. Make sure you always log in through the official website. Users have already been reminded of this by CEO Zhao. To add an extra layer of security to your Binance account, enable 2-factor authentication. Binance also offers an anti-phishing code that can be added to your account for added security. If you have any concerns about the status of your Binance account or receive an alarming text message, you can always log in to Binance directly from a modern browser.

Author Profile

Claire Rogstad
Social Media Director


Leave a Reply