Binance users warned of phishing SMS attacks impersonating legitimate notifications
Binance users hit by sophisticated SMS phishing
A new wave of SMS phishing scams is targeting Binance users with messages that appear strikingly authentic.
Key Takeaways
- A sophisticated SMS phishing scam is targeting Binance users with messages that appear authentic, urging them to call a specific phone number.
- Investigations suggest these scams use consistent wording and may leverage data from a recent dark web sale of about 230,000 Binance and Gemini user records.
- Binance is expanding its Anti-Phishing Code — originally used in emails — to SMS, helping users verify official communications.
Reports indicate that dozens of users have received texts warning them of unauthorized account activities—such as the addition of two-factor authentication devices or unexpected API pairings with Ledger Live. Unlike typical phishing scams that use clickable links, these messages urge recipients to call a designated phone number. Investigations by BeInCrypto reveal that the texts are uniform in wording and format, suggesting a coordinated campaign likely operated by a single criminal group. Furthermore, there are suspicions that the attackers are leveraging leaked data from a recent dark web sale involving approximately 230,000 user records from Binance and Gemini.
Loading...
Binance’s countermeasures and market implications
In response to the surge in smishing incidents, Binance’s Chief Security Officer, Jimmy Su, confirmed that the company is extending its Anti-Phishing Code to SMS messages. Originally implemented for emails, this unique code serves as a user-defined identifier in official communications, enabling users to distinguish genuine messages from fraudulent ones. Su stated, “By incorporating a unique Anti-Phishing code into Binance SMS messages, we are making it significantly harder for scammers to deceive our users.” This measure has been rolled out across all licensed jurisdictions where Binance operates. Notably, both registered and non-registered users have reported receiving these deceptive texts, indicating that attackers may be using extensive databases to target a broad audience.
Binance Trade Volume. Source: СoinGecko.
This sophisticated phishing campaign continues to unfold amid tightening regulatory scrutiny, industry analysts will be watching closely. The expansion of anti-phishing measures by Binance signals an important step in protecting user assets, yet raises questions about broader vulnerabilities in digital asset security. Stakeholders remain cautious about the long-term impacts on user confidence and market stability.
Read also: NFT trader faces prison for $13m tax fraud on CryptoPunk profits
