It seems the cybercriminals have decided to give Binance users an early Easter egg – a phishing SMS scam that’s more genuine-looking than your aunt’s homemade apple pie. Users have reported receiving a wave of these texts, which not only look real but are coming from the very same phone number that sends them legitimate Binance updates. Oh, joy!
After inspecting several of these devious texts, BeInCrypto is fairly certain we’ve got a specific group of hackers targeting Binance users with an organized, if not exactly innovative, phishing campaign.
The Great Phishing Plot Against Binance Users
The messages usually throw users into a panic, claiming there’s been some unauthorized activity on their accounts—such as a newly added two-factor authentication device. Nothing screams “trustworthy” like a “security” alert that makes you want to throw your phone out of the window.
But wait, there’s more! The scam often follows up with a message about an unexpected Binance API pairing with Ledger Live. A truly inspired touch, as the recipients are kindly asked to call a number immediately. Well, that’s sure to stop anyone from thinking twice.
Some lucky users have even received these deceptive texts right in the same thread as their real Binance notifications. So, naturally, they get roped in and engage with the message. To add to the chaos, a surge in complaints about this scheme has flooded X (formerly Twitter), making it clear that not everyone is thrilled with the hacker’s work.
Many were caught off guard because the scam messages are sent from the same ID used by Binance for their real notifications. Who could’ve seen that coming? Certainly not the poor souls who fell for it.
Meanwhile, the masterminds behind the campaign appear to have found a new source of inspiration: Binance user data, which reportedly leaked onto the dark web. You know, just your average Tuesday. Last month, an estimated 230,000 combined records from Binance and Gemini were discovered for sale. Cybersecurity experts believe these leaks came from phishing, rather than any sophisticated hacking job. Let’s give a round of applause for the fine folks on the dark web.
The likely culprits are using this leaked data—names, phone numbers, and emails—to craft messages that look so legitimate, even the most skeptical person might second guess themselves.
Recordad que aunque os llegue un mensaje por el canal “oficial” de SMS de @binance, JAMÁS debéis hacer click en ningún enlace ni hacer caso de lo que os envíen.
Binance nunca os enviará ese tipo de mensajes.
¿Queréis saber como actuar o sencillamente lo que hice yo al ver el…
— Ingeniero Seed Ph. (Oficial) (@IngenieroSeed) April 11, 2025
And then there’s the classic phishing tactic: an urgent “not you?” query. Yes, because nothing says “legitimate” like an urgent, uninvited text asking if you’ve been doing something suspicious. This encourages the victim to call the provided number instead of clicking a potentially dangerous link. A real touch of class, wouldn’t you say?
Binance Steps Up: Anti-Phishing Code Goes SMS
In a dramatic turn of events, Binance’s Chief Security Officer, Jimmy Su, responded to these nefarious doings in an exclusive email to BeInCrypto. He confirmed that the company is indeed aware of the growing number of smishing scams (that’s “SMS phishing,” in case you were wondering), where fraudsters impersonate Binance and other legitimate senders. Because who wouldn’t want to pretend to be an international crypto exchange?
“We are aware of smishing scams on the rise where phishing scammers are impersonating us and other legitimate senders via SMS. These scams appear to be more authentic, tricking users into revealing sensitive information, clicking into phishing links, or making a transfer that result in loss of assets.” Binance’s Chief Security Officer told BeInCrypto.
Su, ever the optimist, assured everyone that Binance is now extending its Anti-Phishing Code to SMS. It’s like putting a lock on your front door, but now on your phone. This feature was previously available only for email, but now it’s on SMS too.
This code, a user-defined identifier that pops up in official Binance messages, will help you separate the wheat from the chaff. Or, more precisely, the genuine notifications from the scammer’s poorly thought-out texts.
“By incorporating a unique Anti-Phishing code into Binance SMS messages, we are making it significantly harder for scammers to deceive our users,” Su said.
Good news, everyone! The Anti-Phishing Code is now available in all the licensed jurisdictions where Binance operates. So, for those of you living in areas where Binance is still active, you’re in luck!
Binance also reported that both registered and non-registered users have received these suspicious texts. Which leads to the conclusion that the attackers might be pulling phone numbers from databases that include individuals not actively using Binance. A little data mining, anyone?
Security alert: Beware of fake websites impersonating .
Scammers are using lookalike sites to steal your credentials.
We’ll never ask for your password or MFA code outside our site.
Always check the URL before logging in.
QR codes should always…— Binance.US (@BinanceUS) April 11, 2025
BeInCrypto has some advice, of course. Always double-check your transactions directly via Binance’s official app or website, use multifactor authentication (because, let’s face it, one password just isn’t enough), and for the love of crypto, do not share your credentials over the phone.
If you receive a suspicious message, report it to Binance’s support team immediately. And remember, always look for the Anti-Phishing Code in official communications, and for goodness’ sake, don’t call any phone numbers provided in unsolicited messages!
Read More
- USD PHP PREDICTION
- RUNE PREDICTION. RUNE cryptocurrency
- USD ZAR PREDICTION
- EUR CNY PREDICTION
- USD PEN PREDICTION
- USD THB PREDICTION
- S PREDICTION. S cryptocurrency
- USD GEL PREDICTION
- XRP PREDICTION. XRP cryptocurrency
- FORT PREDICTION. FORT cryptocurrency
2025-04-13 15:44